Information Systems Security Officer
DRG has partnered with a leading defense contractor and is looking for an Information Systems Security Officer with an Active Security Clearance in the Roseville / Sacramento, California area.
Responsibilities include ensuring compliance with government security requirements pertaining to computer systems processing classified information. Will be the subject matter expert for the Industrial Security Field Operations (ISFO) Process Manual for the Certification and Accreditation of Classified Systems, the National Institute of Standards and Technology (NIST) Special Publication 800-53 Rev. 4, and Joint Special Access Program Implementation Guide (JSIG).
EDUCATION AND EXPERIENCE:
- Bachelor’s degree in a related technical field, or minimum of 3 years directly related work experience in lieu of degree
- ACTIVE SECURITY CLEARANCE REQUIRED; must be within 5 years of last investigation.
- Ability to obtain TS Clearance (requires U.S. Citizenship)
- Must be DOD 8570 Compliant
- Strong experience with hardening Windows 10, Server 2008 R2, Server 2012 R2, and Server 2016 operating systems
- Working knowledge with vulnerability and compliance scanning tools (SCAP, WASSP, etc.)
- Working knowledge of TCP/IP, network switching, routing and infrastructure cabling.
- Must be able to configure switches by using a work instruction for Isolated LANs and WANs
- Working knowledge with RMF, NIST and/or JSIG/JFAN-6/3 requirements
- Familiarity with Linux and Cisco IOS operating systems
- Familiarity with SQL/Oracle Databases
ESSENTIAL JOB FUNCTIONS:
Establish and maintain classified information systems following DOD, DSS, NIST, and JSIG guidelines, including but not limited to:
- Responsible for network address assignment, routing protocols, and routing table configuration as well as configuration of authentication and authorization - directory services. Performs maintenance of network servers: file servers, intrusion detection systems, routers, switches, etc.
- Develops and maintains a formal information system (IS) security program. Establishing and updating System Security Plans (SSPs). Implementing and enforcing IS security policies to include configuration management, media control, etc.
- Maintains the hardware and software that comprises the network (data, voice and video) including the deployment, maintenance and monitoring of active network gear; switches, routers, firewalls, and appliances
- Performs weekly audits, anti-virus definitions updates, and patch management. Manages active directory, group policy, files shares, backups and restores, etc.
- Responds to IS security incidents including investigation and report detail.
- Working knowledge of system functions, security policies, technical security safeguards, and operational security measures to restrict unauthorized use of data systems and databases
- Ensures all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS
- Conducts Initial and annual required training of general users
- Ensure users have need-to-know for the data they are accessing
- Installs new and existing hardware/software. Manages disaster recovery functions for information systems
- Develop Risk Management Framework (RMF) Authority to Operate (ATO) Package in accordance to the JSIG and/or NIST.
Job Status: Full Time