Job Description
Information Systems Security Officer
Job Locations
US-OH-WPAFB
ID
2024-8039
Category
Information Technology
Type
Regular Full-Time
Overview
Credence Management Solutions, LLC (Credence) is seeking an Information Systems Security Officer in support of the Cyber Resiliency Office for Weapon Systems (CROWS) at Wright-Patterson AFB, OH.
Responsibilities
Work within SAP and Sensitive Compartmented Information (SCI) facilities supporting CROWS' mission.
Provide "day-to-day" support for Collateral, SCI and SAP activities, and support other classified network systems.
Appraise and recommending assessment documentation and providing written recommendations for authorization to Government program managers.
Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures.
Verify authorizations are accomplished on each Automated Information System (AIS).
Assist with risk assessments and make recommendations to customers.
Periodically review system security to accommodate changes to policy or technology.
Assist with the development and maintenance of the information systems security program.
Ensure all personnel receive the necessary technical and security training for using AIS.
Confirm proper protection or corrective measures undertaken when an incident or vulnerability is discovered within a system.
Conduct assessment tests that include verification that the features and assurances required for each protection level are functional.
Maintain a repository for all system authorization documentation and modifications.
Coordinate AIS security inspections, tests, and reviews.
Assist in developing policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.
Confirm data ownership and responsibilities are established for each AIS, to include accountability, access rights, and special handling requirements.
Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local AIS security training.
Ensure system security requirements are addressed during all phases of the system life cycle.
Confirm security assessments and audits are completed and documented.
Identify threats and vulnerabilities to ascertain whether additional safeguards are needed.
Assess changes in the system, its environment, and operational needs that could affect the authorization.
Review AIS assessment plans.
Support necessary compliance activities.
Conduct periodic assessments of the security posture of the AIS.
Ensure Configuration Management (CM) for security-relevant AIS software, hardware, and firmware are properly documented.
Validate AIS authorization documentation is current and accessible to properly authorized individuals.
Participate in self-inspections, identifying security discrepancies, and reporting security incidents.
Perform file transfers between local systems to storage devices.
Design, review, endorse, and recommend actions by the system approving authority for system assessment documentation.
Perform risk assessments and making recommendations to customers.
Build and maintain the information systems security program.
Coordinate and confirm proper protection or corrective measures were completed when an incident or vulnerability is discovered within a system.
Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.
Conduct assessment tests that include verification that the features and assurances required for each protection level are functional.
Build policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.
Ensure system recovery processes are monitored to ensure that security features are properly restored.
Deliver expert research and analysis in support of expanding programs and areas of responsibility.
Advise senior management on risk levels, security posture, information security programs, policies, processes, and systems.
Qualifications
Clearance: Top Secret
MA/MS and ten (10) years relevant work experience or
BA/BS and twelve (12) years relevant work experience or
Fifteen (15) years relevant work experience
Specialized Knowledge and Experience Required:
DoD 8570.01-M IAM Level III or IAT Level III.
Penetration testing experience.
Be familiar with current security policy and manuals and have the ability to work in a dynamic environment to effectively interact with numerous DoD, military/civilian personnel and industry partners.
Possess a high degree of originality, creativity, initiative requiring minimal supervision.
Eligible for access to Special Access Program (SAP) information and be willing to submit to a counter intelligence polygraph.
Must be able to maintain elevated privileged access to information technology systems.
Working Conditions and Physical Requirements:
May be required to lift 50 lbs.
May be required to stand and walk two (2) hours a day
Some travel may be required
Need help finding the right job?
We can recommend jobs specifically for you!
Click here to get started.
Credence Management Solutions, LLC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin, age, or disability.
