Information System Security Officer
Jacobs (Chantilly, VA)
Jacobs is looking for an Information System Security Officer to join our Sensor Processing Team. Candidates must have a strong Information Assurance/Security background and be capable of coming up to speed on all ICD 503 computing security responsibilities and IA actions. Candidates must have good communication and problem-solving skills, and the ability to work both independently and collaboratively in a team environment as required.
Duties/Tasks and Responsibilities:
• Perform all ISSO-related duties as required by ICD 503 and applicable NRO, IC, and DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM)
• Manage the day-to-day system security including physical and environmental protection, incident handling, and information system security training and awareness.
• Maintain the system security plan (SSP), and other related documents, following NRO, IC, and DoD applicable policies, procedures, and templates.
• Maintain and update asset record in SNOW
• Perform continuous monitoring (ConMon) and periodic self-inspections of information systems to ensure security compliance
• Review Nessus security scans, communicate vulnerabilities to technical stakeholders, and perform remediation
• Support customer responses to ongoing information system audits and reviews in accordance with established schedules
• Ensure change control requirements are documented and tracked
• Monitor and track status of applicable patches including IA Vulnerability Alerts (IAVA), IA Vulnerability Bulletins (IAVB) and Technical Advisories (IA) for the information system.
• Conduct periodic reviews of Privileged User (PU) accounts (Developer, Admin, etc.)
• Assist in the creation of new policies/procedures as needed
• Perform Configuration and Change Management for the security-relevant IS software, hardware, and firmware, Event Management, Vulnerability Management, Security Incident Management, POA&M Management, Reauthorization, and Decommissioning of IT asset environments
• Maintain Approval to Operate (ATO), including the resolution of any Plans of Action & Milestones (POA&M) documents
• Maintain and validate account and vulnerability management
• Control, label, virus scan, and appropriately transfer data (uploading/downloading) between various information systems as required, and perform Portable Electronic Device (PED) registrations and tracking.
• Provide security design guidance and analysis to the project team throughout the RMF process
• Perform reviews of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strategies
• Develop and maintain a Data Loss Prevention process to investigate, track, and mitigate security incidents.
• Responsible for implementing and maintaining security services tools within the Risk Management Framework (RMF).
• Provide briefings on the network security posture and compliance status of assigned system(s) to Security Management
• Current DoD 8570 IAT II Certification (Security+, CISSP, CISM, CASP+)
• Top Secret/SCI security clearance with a current CI Poly
• Experience with ServiceNow and Security Center (SC)
• Experience with HBSS, EVSS, and/or EITA bundle onboarding functions and corresponding tool suite
• Self-starter who can work independently with strong communication skills, both written and verbal
• Possess skills including organizing, scheduling, conducting, and coordinating work assignments to meet project milestones or established completion dates.
• Linux experience - intermediate level
• Cloud experience (AWS preferred)
• Experience with computer networks, applications, processes and accesses.
• Be customer-focused and possess the ability to identify issues, analyze, and interpret data and develop solutions to a variety of moderately complex technical problems.
• Demonstrate strong interpersonal skills to effectively interface with all levels of employees and be able to represent the organization as a knowledgeable resource.
• Thorough working knowledge of all applicable NRO, IC, DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM).
• Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or at least 5 years of directly related experience in lieu of degree or any equivalent combination of education, experience, training and certifications
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law.