MITRE has flagged the Facility Security Officer (FSO) / Information Security System Manage job as unavailable. Let’s keep looking.

Title:

Information Systems Security Officer

KBR has an opening for an Information Systems Security Officer to join our team of qualified, diverse individuals onsite at KBR, Lexington Park, MD. This position requires on site presence.

Note: Remote or Tele-Work is not available.

Duties and Responsibilities:

  • Serve as an Information Systems Security Officer (ISSO) for Government information systems in support of a Program Management Activity (PMA).
  • Performs extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Candidate will achieve this through passive evaluations (compliance audits) and active evaluations (vulnerability assessments). 
  • Establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
  • Assists in the implementation of the required government policy (i.e., RMF, NISPOM, JSIG) and makes recommendations on process tailoring. 
  • Performs extensive analyses to validate established security requirements and to recommends additional security requirements and safeguards.
  • Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. 
  • Periodically conducts of a review of each system's audits and monitors corrective actions until all actions are closed.

Required Qualifications:

  • Bachelor’s degree in computer and architecture information systems management or related field from an accredited college or university or equivalent experience is required OR an additional four (4) years of relevant experience may be substituted for a Bachelor’s Degree
  • Two (2) years of experience with mid-sized client/server systems in systems analysis, software design, software development, and system administration is required.
  • Experience with DoD M5205.07 Series, Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) requirements is required.
  • Knowledge of quality assurance, quality control, and independent verification and validation techniques is required
  • Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies is required.
  • Experience with managing secure Information Systems (IS) and databases while implementing and maintaining cross-domain solutions is required.
  • A current Information Assurance Manager (IAM) Level I certification in accordance with DoD 8570.01-M, or the ability to gain the IAM Level I certification within six months is required.
  • Applicant selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. A current Top Secret Clearance with a Single Scope Background Investigation (SSBI) completed within the last 6 years is required.

Preferred Qualifications:

  • Implement Risk Management Framework (RMF) in accordance with NIST SP 800, Joint Special Access Program Implementation Guide (JSIG).
  • Participates in the development and maintenance of system security plans and contingency plans for all systems under their responsibility.
  • Draft, maintain, Planned, System Security Checklists, Privacy Impact Assessments, POA&M, and Authority to Operate (ATO) artifacts.
  • Develop Plan of Action and Milestones (POA&M) for identified vulnerabilities and ensure compliance through monthly / quarterly updates.
  • Maintain inventory of all information Security System assigned.
  • Develop a variety of Assessment & Authorization deliverables including System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan (CP) and POA&M for review and approval for Authorization Official.

Contract requirements regarding education and experience will prevail.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

Read Full Description
Confirmed 13 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles