Information Systems Security Officer (ISSO)
Washington, DC

Job Description

Overview

Modern Technology Solutions, Inc. (MTSI) is seeking an Information Systems Security Officer (ISSO) to join our team.

Your primary function will be to work with Special Access Programs (SAPs) supporting Department of Defense (DOD), Headquarters United States Air Force.

At MTSI, our more than 1100 co-owners recognize the high demand for specialized professionals within our industry and that you have many options to choose. As an employee owned company were culture matters, we believe that by investing in our people we are investing in our company's future!

MTSI's core capabilities are Systems Engineering and Integration, Modeling and Simulation, Test and Evaluation, Acquisition and Program Support, and Mission Assurance services. Our expertise includes ballistic missile defense, air defense, air vehicle survivability, unmanned aircraft, flight test operations, intelligence support, and cyber/space/homeland defense.

Recognized as an "employee comes first" company with over 25 years of consecutive growth we challenge our co-owners to provide the highest level of support and service, and reward them with some of the best benefits in the industry. Day one all new co-workers start with 20 days PTO, 6% 401k match with immediate vesting, semi-annual bonuses, and eligibility to participate in our Employee Stock Ownership Plan (ESOP). We offer other employee focused benefits, including up to $10k in tuition reimbursement and an optional zero dollar deductible BCBS health insurance plan.

For additional company information, please visit: www.mtsi-va.com

Responsibilities

MTSI is seeking an Information Systems Security Officer (ISSO) whose primary function will be to work with Special Access Programs (SAPs) supporting Department of Defense (DOD), Headquarters United States Air Force. The position will provide "day-to-day" direct end user support for Collateral, Sensitive Compartmented Information (SCI), and Special Assess Program (SAP) networks. This position will be located in the Washington DC area.

Your essential job functions will include but may not be limited to:

* You will conduct periodic scans to verify networks and systems are appropriately baselined with tested and approved system and application patches, hotfixes and updates.
* Continually evaluate the security posture of all networks and systems, including making recommendations for implementing new security controls as new threats and vulnerabilities are discove.
* Create, log and control all customer requests and transactions for data transfers between systems (e.g. Compact Disks (CD) and other high-capacity media, scanning documents, etc.).
* Ensure the following activities are required and completed on a periodic basis (e.g. ensuring data is backed up, account management (deactivate unused accounts and validate user access rights), participate in the Systems Development Life Cycle (SDLC).
* Evaluate all new software and hardware products for potential security flaws and risks.
* Immediately notify the Information Systems Security Manager (ISSM) of all security-relevant issues, findings and potential risks associated with any Information System (IS).
* Periodically review and analyze audit logs for system deficiencies and anomalies using audit reduction tools.
* Prepare, update and maintain RMF documentation such as, but not limited to, Authorization to Operate (ATO) packages, System Security Plans (SSP), Risk Assessment Reports (RAR), Security Control Traceability Matrixes (SCTM) and Plan of Actions and Milestones (POA&Ms) for all networks and systems.
* Provide Configuration Management (CM) for IS security software, hardware, firmware and coordinating changes and modifications with the ISSM, SCA and Authorizing Official (AO).
* Work closely with Security Control Assessors (SCA) to determine effectiveness of current security controls and a path forward to implement future security controls, where potential weaknesses might exist.

Qualifications

* 5+ years' of related technical experience.
* Firm understanding of the DoD 8500.1-M, Joint SAP Implementation Guide (JSIG), National Institute of Standards and Technology (NIST) Special Publication 800-53

Desired:

* SAP experience.

Physical Requirements:

* You must be able to move audio, visual, computing, and accessories weighing up to 60 pounds throughout organizational office spaces within the facility.
* You will occasionally ascend/descend ladders for the purpose of accessing and servicing connected infrastructure such as cables and equipment in overhead spaces within the facility.
* Constantly positions self to maintain audio, visual, computing, and accessories including under desks and other confined spaces within the facility.

Certifications:

Department of Defense Directive (DoDD) 8140 for Information Assurance Technical (IAT) Level 3 and at least on Computer Environment (CE) from an OS (e.g. Microsoft, Ci