Information Systems Security Officer at Modern Technology Solutions Inc

Bath Township, Ohio, United States -

Full Time

Start Date

Immediate

Expiry Date

13 Jan, 26

Salary

0.0

Posted On

15 Oct, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Information Systems Security, Security Policy Implementation, Configuration Management, Risk Management, Security Compliance, Continuous Monitoring, Security Audits, Collaboration, Documentation, Security Enhancements, Analytical Skills, Problem-Solving, Communication Skills, Network Security, Application Security, Endpoint Security

Industry

Space Research and Technology

Description

Security Policy Implementation: Assist Information System Security Managers (ISSMs) in the development, implementation, and enforcement of security policies, standards, and procedures to ensure the protection of information systems and data. Configuration Management: Ensure that all information systems are configured securely according to DoD & organizational policies, industry's best practices, and security baselines. Risk Management: Conduct risk assessments to identify potential security threats and vulnerabilities. Develop and implement mitigation strategies to reduce risk and ensure business continuity. Assess the impact of changes in the IT environment and update the risk management framework accordingly. Security Compliance: Ensure that information systems comply with relevant government and industry standards, such as NIST, and DoD regulations. Demonstrate familiarity with RMF & JSIG processes for assessments and authorization efforts to prepare and maintain documentation for ATO compliance activities. Continuous Monitoring: Implement and manage continuous monitoring processes to maintain compliance with ATO requirements. Utilize Security Information and Event Management (SIEM) tools (e.g., Greylog) to monitor system activities, analyze logs, and identify & report suspicious behavior & anomalous findings. Security Audits: Conduct regular security audits and assessments to evaluate the effectiveness of security measures and identify areas for improvement. Develop and implement remediation plans to address identified vulnerabilities. Collaboration: Work closely with other IT and security professionals, including system administrators, network engineers, and security analysts, to ensure a coordinated approach to cybersecurity. Liaise with external stakeholders & partnering agencies as needed. Documentation: Maintain comprehensive documentation of security policies, procedures, system configurations, and security incidents. Prepare reports for management on security status, compliance efforts, and incident response activities. Security Enhancements: Research, evaluate, and recommend security enhancements to improve the overall security posture of the organization. Stay updated with the latest security trends, technologies, and threats. Minimum of 3 years of experience in a similar ISSO or cybersecurity role. Proficiency in using security tools and technologies, such as VLANs, SIEMs, Static Application Security Testing (SAST) tools, network monitoring tools, and endpoint protection platforms (EPP). In-depth knowledge of network security, application security, and endpoint security principles. Strong understanding of operating systems (Windows, Linux, etc.) and their security configurations. Hands-on experience with Greylog or other similar SIEM applications for security monitoring and log analysis. Experience with security compliance and regulatory requirements, including NIST USAF, and DoD regulations. Strong analytical and problem-solving abilities, with the capability to analyze complex security issues and develop practical solutions. Excellent written and verbal communication skills, with the ability to effectively communicate technical information to both technical and non-technical stakeholders. Ability to work independently and collaboratively in small team environments. Must possess a Top Secret Clearance with SCI eligibility. Must hold a minimum IAV Level 1 compliant certification, such as Security+ or an applicable DoD 8140 certification (e.g., GSEC, CISSP Associate). Must be able to lift up to 50lbs. Experience with XACTA. Experience with eMASS. Experience supporting various guest networks such as CV2, AF7, JWICS. Experience with AF1067s and ITNRs. Associates degree and 2 additional years of relevant experience Bachelors degree (Preferred)

Responsibilities

Assist in the development, implementation, and enforcement of security policies and procedures to protect information systems. Conduct risk assessments, ensure compliance with standards, and manage continuous monitoring processes.