Position Location(s): Quantico, VA
Position Description: CommIT is seeking an Information Systems Security Officer to support our Marine Corps customer. The candidate will be supporting Common Aviation Command and Control System (CAC2S) with the expertise as a security engineer providing Cyber Security Support.
- Coordinate local system security with local security policies and procedures as required to comply with Federal, DOD, DON, and Marine Corps Cybersecurity regulations, policies, and directives.
- Assist the Information Systems Security Manager (ISSM) in performing the duties and responsibilities.
- Ensure that system(s) authorization support documentation packages for which the ISSO is responsible are developed, maintained, and updated as required.
- Ensure that all Marine Corps system Cybersecurity-related processes are monitored and accessible to properly authorized individuals approved by the Marine Corps AO.
- Ensure that all users have the requisite security clearances and need-to-know, and are aware of their responsibilities before granting them access to a PdM ABM&SN or PdM CAC2S information system.
- Ensure that all IS users and operators read, understand, and sign the appropriate documentation
- Ensure that Cybersecurity and Cybersecurity-enabled software, hardware, and firmware are in compliance with the appropriate Marine Corps AO -approved security configurations.
- Coordinate security procedures with the ISSM and security managers, initiates investigative procedures for security events, and implements protective or corrective measures when a Cybersecurity incident or vulnerability is discovered.
- Ensure that PdM ABM&SN and PdM CAC2S back-up and recovery processes are developed, tested (initially and annually thereafter), and documented in the A&A package.
- Coordinate with IT personnel to develop and test the local Cybersecurity IT Contingency Plan and Disaster Recovery Plan (DRP), which are part of the overall Continuity of Operations Plan (COOP), to ensure confidentiality, integrity, availability, and recoverability of critical ISs and data is maintained during and after a disaster. Additionally, coordinate with the appropriate representatives to ensure that the Contingency and DRPs meet command objectives and are tested prior to system operation and annually thereafter.
- Coordinates all Cybersecurity-related issues that call for local execution of contingency plans with the ISSM, IT personnel, and security managers as required.
- Support the development of test plans, support test readiness reviews and observe quarterly CCTs, in compliance with the Information Assurance Vulnerability Management (IAVM) plan
- Maintaining the cybersecurity Plan of Action & Milestones (POA&M) as required
- Clearance Level: Secret
- 5+ years of Cybersecurity experience
- 3+ years proficiency in RMF processes
- 3+ years’ experience in conducting and handling/safekeeping PII
- Experience working in an enterprise environment supporting on premise applications and enterprise service for cloud extension/ deployment
- The ability to understand network diagrams and ports, protocols and services
- Strong understanding of STIG’s and SCAP benchmarks
- Possess DOD 8570.01-M IAM Level III and IAT Level II certifications such as CISSP, CISA, Security+, and ITIL
- Proficiency in performing risk-based reviews of Security Authorization Package
- DoDD 8140 Compliant Cyber IT/CS Privileged User
- Collectively demonstrate experience with:
- - Assured Compliance Assessment Solution (ACAS)
- - Security Content Automation Protocol (SCAP)
- - Risk Management Framework (RMF)
- - Marine Corps Compliance and Authorization Support Tool (MCCAST)
Experience and Education:
- BS Degree in Electrical/ Electronic/ Computer /Software Engineering, Physics, or Computer Science from an accredited College or University preferred.
- Six (6) years of experience performing Cyber Security function on DoD C4ISR
program and systems
Submit Resume (Please include the position description in the subject line when submitted): CAC2S ISSO