Information System Security Officer (ISSO) with Security Clearance

at Caribou Thunder, LLC
Published May 6, 2022
Location Ridgecrest, CA
Category Default  
Job Type Full-time  


Information System Security Officer (ISSO) LC71002 Location: Pt Mugu, CA Schedule: Full Time Shift: 1 st OVERVIEW Caribou Thunder, LLC is a Woman Owned, HUBZone Certified, Native American Owned, SBA and SDB Certified global engineering services company, incorporated in 2006. Caribou Thunder is a Global Service Provider supporting a wide variety of DoD, Space and Intelligence programs with consistent growth since inception to over 100 associates and $10M in annual sales with solid performance in 35 states across the U.S. and 22 countries around the world. Caribou Thunder Engineering Services is hiring an Information Systems Security Officer in Pt Mugu, CA. This meaningful work will support the mission of the Naval Air Warfare Center, Weapons Division and their complex network of computing and communications systems and software supporting a scientific user community that relies on available and stable access to timely information. The selected candidate will be supporting consolidation efforts for accreditation efforts across the command. RESPONSIBILITIES Planning, implementation, upgrading, and monitoring of security measures that make up the protection of corporate or government computer networks. Capable of performing independently. Research, analyze, develop, and document information systems IAW government policies and standards. Experience with NIST 800-37 and 53 Risk Management Framework (RMF) concepts and procedures. Provide guidance in matters of Security Controls selection, implementation, auditing and monitoring for area of responsibility. Collaborate with other ISSOs and Sr. Staff to achieve favorable A&A outcomes. Responsible for the execution of the Information Assurance program as stipulated by various USG requirements documents including (but not limited to): NISPOM, JSIG, ICD 503, DAAPM, and associated NIST documents. T he selected candidate will be responsible for day-to-day effective execution of the Information Assurance program: * Risk Management Framework Experience * Assessment and Authorization (A&A) of assigned systems (SSPs, CMP, RMP, CTP, etc.) * Perform technical security controls assessments and baseline validations to identify vulnerabilities and control deficiencies as part of continuous monitoring program * Information assurance sustainment activities (hardware/software change management, account management, auditing, media protection, user interface, file transfers, etc.) * System self-inspections, audit log reviews, secure baselines, and continuous monitoring * Interfacing with internal and external customers, program managers, IT staff, etc. * Prepare and conduct initial and annual general/privileged IA training and awareness * Conduct various actions related to cyber incident response, investigation, and resolution * Development, maintenance, and execution of effective, well-written, and customer compliant IA policies and procedures for various customer bases * The ideal candidate possesses strong written and oral communications skills, technical knowledge, exemplary customer service skills, strong time management skills, the ability to creatively find solutions to complex challenges, and the ability to multi-task and thrive in a fast-paced environment. This position will report directly to the CSI Systems Security Manager (ISSM) for IIS. * Must be able to obtain and maintain a TS/SCI Security Clearance. * This position will require the candidate to obtain and maintain an IA Professional certification (e.g. Security+ CE, CISSP, etc.) BASIC QUALIFICATIONS * 5+ years of experience in information systems security/information assurance, security engineering * Experience developing System Security Plans (SSPs) and supporting Assessment & Authorization (A&A) documentation * Experience supporting various computer hardware platforms and multiple operating systems in both stand alone and LAN/WAN configurations * Working knowledge of operating systems security features and settings (e.g. Windows, Unix, Linux, and OS X) * Ideal Candidate has experience to make sound decisions and implement all aspects of information systems security as it applies to NISPOM Chapter 8, JSIG, ICD 503, NIST SPs, and other government doctrine * Professional demeanor, good interpersonal skills, and ability to excel in a high-paced multi-tasked environment * Demonstrated ability to act independently, prioritize tasks, and manage to schedule * Willingness to perform security tasks outside specialty (e.g. program security) and be proficient in Microsoft Applications (Word, Excel, Power Point, Access, Visio, etc.) * Strong communication skills with the ability to communicate effectively in both oral and written modes, and be able to author and present subject specific presentations * Must be willing and able to travel as required up to 10% of work schedule PREFERRED QUALIFICATIONS * Experience with computer forensic tools and investigation methodologies * Experience with various information system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS, Nessus, SECSCN, DISA SRR, Retina, etc. * Working knowledge of Wide-Area and Local Area Networks (WAN/LAN), to include Cisco-based routers, switches, and firewalls * DoD 8570.1M compliant Professional Certification (e.g. Security +, CISSP, GSEC, etc.) * Current Top Secret clearance with SCI access and polygraph * Prior ISSO/ISSM or alternate ISSO/ISSM experience * Self-starter with ability to work independently, customer service orientated * In-depth knowledge of NIST special publications, CNSS policies and instructions CERTIFICATIONS * Secret Clearance Required at Minimum. * IAT Level II Certification Required - CCNA, CSA+, GICSP, GSEC, Security+ CE, SSCP * Additional Certifications Desired - CISSP, CAP, GSLC, ENSA, CASP CE, CSSLP, CEH, CFR, CSA+, GCIA, GCIH, GICSP, SCYBER, CISA, CISA+, GSNA, CISM, CISSP-ISSMP, GCFA EDUCATION and EXPERIENCE Bachelor's degree in Computer Science or other applicable field plus 5 years of experience OR 8 years of experience (without a degree) CNSSI 4012-4016 Certificate or NDU CISO certificate or Military Training NEC 2780 or 2779 or 2781 can also be substituted for educational requirement ABOUT CARIBOU THUNDER Caribou Thunder, LLC is an established Defense contractor with nearly 20 years of experience delivering engineering services worldwide. We offer industry leading salaries, flexible work life balance, full range of benefits (career development and mentoring, PTO, medical, dental, vision, life insurance, disability insurance, and 401k match). Caribou Thunder, LLC offers meaningful career opportunities within a true team-based environment, where each and every employee matters, contributing to a higher goal supporting National Security programs. Caribou Thunder, LLC is committed to hiring and maintaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, marital status, national origin, age, veteran status, disability, or any other protected class. United States citizenship is a requirement for all positions. Read More

Drop files here browse files ...