Information Systems Security Officer (ISSO)

Company: CAE Inc.
Location: Kirtland
Posted on: January 24, 2023

Job Description:

Role and ResponsibilitiesSUMMARYThe Information System Security Officers (ISSO) ensure compliance with Air Force/DoD cybersecurity instructions, the National Industrial Security Program Operating Manual (NISPOM), Risk Management Framework (RMF), corporate directives, and other government contractual security commitments. The candidate will be responsible for writing, implementing, and maintaining System Security Plans, architecture analysis and drawings, security controls, vulnerability management plan, and related artifacts required by government customers.ESSENTIAL DUTIES AND RESPONSIBILITIESReasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.---Conduct weekly system audits, periodic self-inspections, and comprehensive investigation of computer security incidents.---Provide periodic security training for personnel, system users and administrators.---Apply information technology security principles and configure security settings on the design, development, integration, and analysis of classified computing systems and networks in various operating modes; to include Servers/Clients, LINUX, PC Desktops, LAN management, secure network links and supported applications.---Scan systems for vulnerabilities, compiles data, prepares risk assessments and mitigation plans, and prepares procedures for testing software and equipment. Duties may include hardware assembly, software installation and verification, troubleshooting, integration of COTS material, windows administration, as well as network device configuration and verification.---Lead the integration and perform analysis of classified computing systems and networks operating in various secure configurations.---Some travel may be required.---Be willing to work flexible hours as required, and provide scheduled pager support (if required).QUALIFICATIONS AND EDUCATION REQUIREMENTS---BS in Computer/Network Engineering, Computer Science, Management Information Systems, or five years equivalent job experience---Experience with vulnerability scanning tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP), Tenable Network Security Nessus, or similar---Proficient in MS Word, Visio, Excel, and PowerPoint applications---DoD 8570 certification of CompTIA Security+ CE, Certified Information Systems Security Professional (CISSP), GIAC Security Leadership Certificate (GSLC), Certification Authorization Professional (CAP), or Certified Information Security Manager (CISM): Certification within 6 months is required per DoD Directive 8570.01M (e.g., Security+, CISSP).---Experience as an Information Systems Security Manager or Information Systems Security Officer, or with Systems security plan development---Assessment and Authorization experienceSECURITY RESPONSIBILITIESMust comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources. ---Incumbent must be eligible for DoD Personal Security Clearance.WORK ENVIRONMENTThis job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.PHYSICAL DEMANDSThe physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. ---Ability to sit and operate a personal computer for long periodsOTHER DUTIESPlease note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice.#LI-KB1 Position TypeRegularCAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.Equal Employment OpportunityAt CAE, everyone is welcome to contribute to our success. With no exception.As captured in our overarching value "One CAE", we're proud to work as one passionate, boundaryless and inclusive team.At CAE, all employees are welcome regardless of race, nationality, colour, religion, sex, gender identity or expression, sexual orientation, disability or age.The masculine form may be used in this job description solely for ease of reading, but refers to men, women and the gender diverse.

Keywords: CAE Inc., Rio Rancho , Information Systems Security Officer (ISSO), Other , Kirtland, New Mexico