Kratos

Job Description GENERAL JOB SUMMARY:The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO) and Information System Security Manager (ISSM) on all matters, technical and otherwise.. The ISSO will perform a classified cyber security role supporting multiple programs with working knowledge of the Risk Management Framework (RMF).. Coordinates with ISSM/CPSO on approval of external information systemsMaintains, per individual system and its accreditation, a baseline of configuration, hardware, software, and firmware.. Prepares audit/event reports for ISSM review, highlighting any/all anomalies.. The ISSO shall assume ISSM responsibilities in the absence of or if no ISSM is assigned.

information system security officer

Job Description GENERAL JOB SUMMARY:The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO) and Information System Security Manager (ISSM) on all matters, technical and otherwise. The ISSO will perform a classified cyber security role supporting multiple programs with working knowledge of the Risk Management Framework (RMF). ESSENTIAL JOB FUNCTIONS: Maintains/recommends changes of the cybersecurity program to the ISSM. Participates in the development and implementation of security procedures.Works with ISSM to develop operational information systems security.Leverages guidance pertinent to all applicable directives and publications Participates in the generation and maintenance of RMF documentation. Plays an active role in monitoring a system and its environment of operation to include developing and updating the system artifacts, managing, and controlling changes to the system and assessing the security impact of those changes, in close coordination with the ISSM.Reviews artifacts pertinent to an information system ensuring Authorization to Operate (ATO) compliance.Coordinates with ISSM/CPSO on approval of external information systemsMaintains, per individual system and its accreditation, a baseline of configuration, hardware, software, and firmware.Maintains, updates, and executes information system continuous monitoring plan.Ensures data ownership and responsibilities are established for each IS and specific requirements (, accountability/access/special handling requirements) are enforced.Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.Ensures adherence to these information system security policies and procedures.Ensures proper procedures are followed, per the Cyber Incident Response Plan, when information system security incidents are discovered.Disseminates appropriate documentation to all applicable personnel.Ensures initial, annual and “as needed” training is accomplished and documented.Ensures events captured are as outlined in applicable directives and publications.Coordinates with disinterested parties to employ various intrusion attacks.Ensures all system security-related vulnerabilities are documented and ensure serious/unresolved violations are reported to the AO/DAOAdvises users on the proper operation of a specific IS as outlined in its SCTM.Assists SAs in the approved maintenance procedures as approved by the ATO.Provides guidance, based on component classification, before purging and releaseConfirms domain/local policies are configured to meet regulatory requirements.Monitors system backup and recovery processes to ensure security features and procedures can be properly restored and are functioning correctly.Coordinates any configuration changes of a system with the ISSM prior to the change.Assesses changes to the system/operational needs that could affect its accreditation.Voting/veto member of the CCB for all systems.Assists with coordination between Kratos Security and Defense and Government authorities regarding system security posture requirements.Participates in information system security inspections, tests, and reviews.Ensures ISSM understands inspection timelines, operational impacts, and results. Attends required technical and security training (, operating system, networking, security management) relative to assigned duties. Maintains a working knowledge of system functions, security policies, technical security safeguards and operational security measures. Assist with development of an effective information system security education, training, and awareness program. Prepares audit/event reports for ISSM review, highlighting any/all anomalies. Participates in scheduling periodic testing to evaluate the security posture of IS. Ensures systems are operated, maintained, and disposed of according to the policies and procedures outlined in the security authorization package. Ensures system administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks. Serves as member of the configuration change board (CCB). The ISSO shall assume ISSM responsibilities in the absence of or if no ISSM is assigned. Assists the ISSM in meeting their duties and responsibilities. Interfaces with internal and external customers, program managers, IT, security staff, etc.Maintains required DoDD IAM level II certifications. Other Job Functions Provides technical guidance as a non-voting member of the configuration change board.Serve as a member of the COMSEC Team SUPERVISORY RESPONSIBILITY: None

START NEW SEARCH