Information Systems Security Officer (ISSO)

Abacus Technology is seeking an Information Systems Security Officer (ISSO) to support security and information assurance activities for Patrick SFB. This is a full-time position.

Provide new, or maintain, the Authority to Operate (ATO) in accordance with the Space Authorizing Official memo, "Required Artifacts for Space Risk Management Framework (RMF) Authorization Decisions".
• Review and analyze cybersecurity control compliance status to meet both ATO.
• Maintain ATO packages consistent with DoDI 8510.01 and all added guidance from the ISSM and AO.
• Draft POA&Ms for non-compliant Cybersecurity controls.
• Develop and manage System Security Plans (SSPs) and provide any changes to the Information System Security Manager (ISSM) or designee.
• Provide technical input for updates and mitigations to POA&M items for ATO packages.
• Manage the security of classified and unclassified DoD information, Critical Program Information (CPI), and Controlled Unclassified Information (CUI) in Reference Libraries per assigned DoD Impact Levels.
• Meet all RMF cybersecurity requirements on new and existing software platforms managed by the RM IT Support contract.
• Perform risk assessments and vulnerability mitigations.
• Provide Cybersecurity recommendations including, but not limited to, the development of Cybersecurity policies, procedures, strategies, processes, and plans, as well as the translation of the strategic Cybersecurity posture into specific Cybersecurity requirements.
• Manage future Cybersecurity architecture, roadmaps, cyber risk posture and cyber hygiene.
• Perform Cybersecurity Program Assessment.
• Assess RM IT Support system design requirements, topologies, and non-compliant cyber controls for cybersecurity engineering analysis and recommend solutions, mitigations, alternatives, or corrective actions to the COR.
• Support the Cybersecurity program for all information systems identified in the RM IT Support Authorization Boundaries that are operated and maintained under this contract per Cybersecurity compliance documents.
• Develop AAR IT Support Incident Response Plan.
• Participate in incident response exercises, deliver incident responses, and coordinate root cause assessment and recommend solutions, mitigations, alternatives, or corrective actions to the Government ISSM and CISO.
• Develop and perform test conductor activities to test delivered system changes and validate cybersecurity compliance.
• Perform credentialed Cybersecurity scans, vulnerability and compliance scans, for operational systems assigned to AAR IT Support as requested by Government.
• Support Cybersecurity audit activities as requested by the Government.
• Develop and conduct annual systems specific Cybersecurity training for AAR IT Support team members.

5+ years experience in information security. Bachelor's degree in a related field. Must be Security+ CE certified. Strong knowledge of Air Force, DoD and applicable Federal Cybersecurity Directives and Instructions. Able to work dynamically and effectively with people on projects (formal and informal) and conduct technical interchanges as required. Strong communication, organizational, customer service and critical thinking skills. Must be a US citizen and hold a current Secret clearance.

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

EOE/M/F/Vet/Disabled