ColoradoSpringsRecruiter Since 2001
the smart solution for Colorado Springs jobs

Information Systems Security Officer (ISSO), #4062 (Security Clearance required)

Company: LinQuest
Location: Colorado Springs
Posted on: December 5, 2019

Job Description:

Brief Description LinQuest is seeking Information Systems Security Officers to join a high-performance team in Colorado Springs, Colorado.--Candidates selected will focus on Information Assurance and Risk Management Framework to support HQ AFSPC A9.--The ISSO---s primary function is supporting Department of Defense (DoD) agencies, HQ Air Force, HQ AFSPC and A9 (Mod Sim) requirements. The position will provide ---day-to-day--- support for Collateral and Sensitive Compartmented Information (SCI) activities. ----Responsibilities: Recommending resource allocations required to securely operate and maintain the network enterprise (NE) IA requirements. Participating in information system risk assessment during the A&A process Developing security requirements for hardware, software, and service acquisitions specific to AFSPC A9 AVAC networks Ensuring NE IS recovery processes are monitored and that IA features and procedures are properly restored. Identifying alternative functional IA security strategies to address NE security concerns and develop plans capable of implementation. Ensuring all IA inspections, tests, and reviews are coordinated for the NE Evaluating the adequacy of security measures proposed or provided in response to requirements listed in acquisition and operations documents Developing and implement programs to ensure systems, network, and data users are aware of, understand, and follow NE and IA policies Evaluating IT enclave systems and assess risk posture and system security findings.-- And recommend mitigation and /or remediation actions Incident management and response experience Minimum qualification is Security+---Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is highly desired Knowledge of electronics theory, IT, telecommunications and supervisory and control systems including cryptography, vulnerability assessment and exploitation techniques Experience analyzing vulnerabilities, assessing risk and ultimately making a risk recommendation to the AO.-- This includes in-depth knowledge and experience with requirements risk management, security engineering, and security architecture. Experience using RMF and ITIPS --------------RequirementsRequired Skills:-- Creating policies that reflect system security objectives Ability to determine how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes Ability to determine how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes Ability to identify measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system Ability to prioritize and deconflict targets for CND and CNA activities Ability to conduct collateral effects and blowback assessments Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements) Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations Ability to conduct, review, and assess the results of security audits and A&A packages Ability to create technical correspondence, standard operating procedures (SOPs), and other repeatable processes Ability to analyze, collate, organize, report on, respond to, and develop solutions to threats, risks, and exposures of DoD networks Ability to advise IA teams in the DoD to support execution of technical countermeasure, to include but not limited to IAVA, IAVB, CTO, Warning Orders, and Situational Awareness Reports (SARs) Ability to recommend and establish DoD strategic priorities and apply available assets to investigate/isolate issues of the greatest interest Ability to communicate complex technical and programmatic information, concepts, or ideas in a confident and well-organized manner Ability to prepare and complete configuration management of program schedule, acquisition, and milestone decision documentation Must be able to demonstrate understanding and implementation of risk analysis, generating risk reports, and providing recommendations for risk mitigation Experience facilitating schedule risk reviews as well as developing custom reports, layouts, and filters Understanding of current DoD Acquisition Policy ----Required Experience US Citizenship and active DoD TS/SCI Clearance is required to be considered for this position Experience in utilizing enterprise computer forensic tools (e.g., ArcSight, Palantir) Experience with computer networking concepts and protocols, and network security methodologies Experience with risk management processes (e.g., methods for assessing and mitigating risk) Experience with cyber threats and vulnerabilities Experience with specific operational impacts of cybersecurity lapses Experience with data backup and recovery Experience with business continuity and disaster recovery continuity of operations plans Experience with host/network access control mechanisms (e.g., access control list, capabilities lists) Experience with cybersecurity best practices used to manage risks related to the use, processing, storage, and transmission of information or data Experience with RMF requirements Experience with and knowledge of measures or indicators of system performance and availability Experience with and knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities Experience with and knowledge of network traffic analysis methods 1. Experience with and knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]) Experience with and knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code) Experience with and knowledge of resource management principles and techniques Experience with and knowledge of server administration and systems engineering theories, concepts, and methods and server and client operating systems Experience with and knowledge of system life cycle management principles, including software security and usability Experience with and knowledge of technology integration processes Experience with and knowledge of what constitutes a network attack and a network attack---s relationship to both threats and vulnerabilities Experience with and knowledge of information security program management and project management principles and techniques Experience with and knowledge of enterprise incident response program, roles, and responsibilities Experience with and knowledge of current and emerging threats/threat vectors Experience with and knowledge of system administration, network, and operating system hardening techniques Experience with and knowledge of Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth) Experience with and knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools Experience with and knowledge of Personally Identifiable Information (PII) data security standards Experience with and knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.-- Experience with and knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services Experience with and knowledge of controls related to the use, processing, storage, and transmission of data Experience with and knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list) Experience with and knowledge of methods for evaluating, implementing, and disseminating IT security tools and procedures Experience with and knowledge of network architecture concepts including topology, protocols, and components Experience with and knowledge of systems diagnostic tools and fault identification techniques Experience with and knowledge of CNO constraints (e.g., resources, technology, etc.) Experience with and knowledge of Information Assurance (IA), computer network attack (CNA), computer network defense (CND), and computer network exploitation (CNE) concepts, practices, and tools for the administration of classified and unclassified DoD computer networks and systems Experience with and knowledge of DoD and US Government (USG) information system (IS) accreditation and certification policies, standards, and governance, to include, and NIST FIPS Publications, DoDI 8500.2, and DISA STIGs --We are an Equal Opportunity Employer, we are committed to providing a work environment that values and respects each Team Member as an individual and important member of our culturally diverse organization. In keeping with this commitment, the Company is dedicated to providing a work environment free from any type of discrimination based upon race, color, religion, national origin, ancestry, gender, pregnancy, age, sexual orientation, gender expression and identity, covered veteran and military status, marital status, disability, medical condition, genetic characteristics,political affiliation, or any other classification protected by law. This commitment and policy applies to all areas of employment.----Summary

Keywords: LinQuest, Colorado Springs , Information Systems Security Officer (ISSO), #4062 (Security Clearance required), IT / Software / Systems , Colorado Springs, Colorado

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other IT / Software / Systems Jobs


Lead Software Engineer
Description: Join a high-growth startup on the ground floor A rare opportunity to have immense impact working directly with our executive team, while earning equity in a fast-pace, high-growth startup. br We are (more...)
Company: Cloud Campaign
Location: Boulder
Posted on: 12/13/2019

Software Programmer
Description: We are seeking a groovy/java programmers for a very important client. br ResponsibilitiesProvide support for and improvements to existing pipeline toolsDevelop new applications
Company: ATR International
Location: Westminster
Posted on: 12/13/2019

Senior Audit Manager / Enterprise Technology Audit Group - Infrastructure
Description: Job Description br Important Note: During the application process, ensure your contact information email and phone number is up to date and upload your current resume prior to submitting your application (more...)
Company: Wells Fargo Bank
Location: Watkins
Posted on: 12/13/2019


Software Engineer
Description: SUMMARY br ANSYS Discovery is one of the most exciting software products in engineering today. Recently launched, it has been called the most impressive software in decades by the press and a game changer (more...)
Company: ANSYS
Location: Boulder
Posted on: 12/13/2019

Software Test Engineer
Description: HomeAdvisor and our sister company, Angie's List, have combined to create the largest Homeservices marketplace in the nation. Part of ANGI Homeservices ANGI , we connect millions of homeowners across (more...)
Company: HomeAdvisor
Location: Denver
Posted on: 12/13/2019

AWS Developer
Description: Job Information Job Listing Date 29 Nov 2019 Location Wellington, Hutt Valley Work Type Full Time Classification Information Communication Technology, Developers/Programmers
Company: Global Infrastructure Services (GIS)
Location: Wellington
Posted on: 12/13/2019

Geek Squad Consultation Agent
Description: Geek Squad Consultation Agent Our Agents are the first point of contact for clients and command the check-in and check-out experience of client devices. They ask the right
Company: Best Buy
Location: Westminster
Posted on: 12/13/2019

Principal Software Engineer/Architect
Description: Description:At the dawn of a new space age, Lockheed Martin is a pioneer, partner, innovator and builder. Our amazing men and women are on a mission to make a difference in the world and every single (more...)
Company: Lockheed Martin
Location: Littleton
Posted on: 12/13/2019

Software Engineer
Description: Description:The coolest jobs on this planet... or any other... are with Lockheed Martin Space. At the dawn of a new space age, Lockheed Martin is a pioneer, partner, innovator and builder. Our amazing (more...)
Company: Lockheed Martin
Location: Littleton
Posted on: 12/13/2019

Principal Software Engineering
Description: Principal Software Engineering Architect Leader Are you ready to offer up your technology skills in a global business that is committed to moving money for better -- Are you passionate about leading technology (more...)
Company: Western Union
Location: Denver
Posted on: 12/13/2019

Log In or Create An Account

Get the latest Colorado jobs by following @recnetCO on Twitter!

Colorado Springs RSS job feeds