Job Description
**Job Description**
BAE Systems is seeking a qualified and motivated individual to serve as Information Systems Security Officer (ISSO) at Quantico, VA. The position will support the government Marine Corps customer in a high-paced office environment of military, government civilian, and contractor workers. The work is 100% in-office at government customer site. The successful candidate will have relevant DOD cybersecurity work experience and excellent interpersonal skills, in addition to meeting the requirements below.
ISSO Job Tasks:
- Perform ISSO responsibilities as defined in Marine Corps Orders, Enterprise guidelines, Intelligence Community and other required regulations.
- Support, create, and update cybersecurity policies, procedures and other supporting documentation to achieve compliancy and ensure compliancy with regulations.
- Be Responsible for managing and oversight of numerous authorities to operate (ATO) packages throughout an information system lifecycle.
- Ensure security incidents are investigated and reported in accordance with AR 25-2, to include computer viruses and sanitization of highly classified information from information systems.
- Participation in weekly cybersecurity IPT meetings and attend other program IPT meetings as required to address cybersecurity concerns and ensure integration of required cybersecurity activities into program and system schedules.
- Participate, complete and ensure the Marine Corps Assessment and Authorization (A&A) activities are integrated into the project planning and executed as planned.
- Create authorization package records in accordance with Marine Corps Certification and Accreditation Support Tool (MCCAST), Intelligence Enterprise Management Office (IEMO) and other risk management processes for assigned systems, projects, networks or capabilities.
- Support identification of the system type (IS, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, data classification, tactical, space, etc., to support categorization.
- Support the determination of the appropriate policies and security categorization in accordance (IAW) with CNSSI 1253 for assigned systems.
- Support the generation of controls for assigned systems IAW appropriate policies, security categorization, and applicable overlays.
- Assess and document the security control set for assigned systems to determine the applicability and compliance of the individual controls within the security control set.
- Support the development of Cybersecurity Strategy, policies, processes, and procedures based on the security categorization.
- Support the development of Security Plan (SP) and Information System Continuous Monitoring (ISCM) Strategy documentation.
- Support the Security Control Assessor (SCA) and AO review of the security control set to address any feedback received during reviews.
- Develop, update, change and then collaborate with the ISSM and Security Controls Validator (SCV) to develop Security Assessment Plan (SAP).
- Support the ISSM and PM in implementing and testing the security control set IAW appropriate regulations.
- Support the documentation of pre-assessment results in a POA&M and Risk Assessment Report (RAR).
- Support the SCA and AO review of the pre-assessment POA&M and RAR to address any feedback received during reviews.
- Support the SCV in conducting the official security validation assessment.
- Assist the ISSM in providing updates to the Security Validation POA&M to address open vulnerabilities that were verified by the SCV during the official security assessment.
- Support the ISSM and PM in completing, assembling, and submitting the Security Authorization Package for the SCA and AO review and AO authorization.
- Support the Security Control Assessor (SCA) and AO review of the security Authorization Package to address any feedback received during the review.
- Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs
- Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements
- Perform system audits to assess security related factors within the IT infrastructure
- Review response actions to security incidents
- Maintain a repository for all system accreditation/certification documentation
- Maintain a repository for all personnel required certifications
- Requires a strong working knowledge of Information Assurance (IA) security controls and security technical implementation guides (STIGS)
- Other duties as required
**Required Education, Experience, & Skills**
- The position requires a minimum of a Department of Defense Secret clearance to start, with the ability to obtain and maintain a Top Secret SCI clearance.
- Bachelor s degree in Cybersecurity, Math, Science, or related field.
- DOD cyber certification as an IAM Level II [CAP, CASP CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP]
- At least 5 years of professional experience in cybersecurity
**Preferred Education, Experience, & Skills**
TS/SCI Clearance
**Pay Information**
Full-Time Salary Range: $126610 - $215270
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
**Information Systems Security Officer**
**101848BR**
EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression
Job Tags
Holiday work, Full time, For contractors, Work experience placement, Local area,