Information Systems Security Officer - CSCS

Our company’s roots are in the Alaska Native Village of Tatitlek, located in the shelter of Copper Mountain along the Tatitlek Narrows in beautiful Prince William Sound.

The Center for Surface Combat Systems (CSCS) has a requirement for Network Information Management, technical and operational support services to include the following work areas: Computer and Local Area Network (LAN) Administration, Cyber Security Support, Functional Area Needs Analysis, System Certification and Accreditation, Technical Documentation, Research, and Technical Helpdesk Support within the CSCS domain. Provide support to the customer. This support will include working with the Information Assurance (IA) Cyber Security team to plan, execute, and implement Certification and Accreditation (C&A) using the Defense Information Assurance Certification and Accreditation Process (DIACAP), the Risk Management Framework (RMF), and the Navy Platform Information Technology (PIT) Risk Approval (PRA) processes for various Navy Information Systems. Work with system engineers, system administrators and configuration management personnel to assess and evaluate Navy Information Systems and applications security architectures, provide technical and programmatic IA support to influence the design and implementation of secure networks and information technology systems, and promote effective programmatic, technical, and environmental cost savings of the system acquisition life cycle. The successful candidate will have the skills and expertise necessary to perform the duties of the Information Assurance Officer (IAO) for assigned systems.

* Lead development of DIACAP/RMF and PRA C&A packages * Lead review of security controls for Navy Information Systems in accordance with DoD 8500 policy and NIST 800 series special publications * Lead development of Defense-In-Depth Architecture drawings * Lead IA test events and analysis of test data for risk assessment and POAM development * Support DoD Supply Chain Security efforts: * Provide technical and physical security evaluations of information system (IS) security safeguards, including a qualitative assessment of the potential security risks to the IS configuration’s operational system and the countermeasures implemented for the IS and its environment, including automated scans, i.e. NESSUS (ACAS), DISA Security Technical Implementation Guides (STIGs), system security reviews, interviews, and IS documentation evaluation. * Conduct Annual Reviews of accredited systems and perform monthly maintenance of all information systems. * Approve/validate baseline security configurations changes for operating systems, applications, networking and telecommunications equipment. * Develop various C&A related operations; how to use tools and methods including eMASS, validation procedures, risk assessment and analysis, developing Risk Assessment Reports (RAR), Plan of Action & Milestones (POA&M) and conducting traceability between them, designing architectural diagrams IAW NTD 08-08 compliance, and developing mitigation strategies to assist system administrators to reduce identified vulnerabilities to an acceptable risk level.

**Education and Experience** * Bachelor's degree (Computer Science, Management Information Systems, or Network Security) * Qualified Navy/Marine Corps Validator * DON IT knowledge and experience * 5 or more years of progressive security and system engineering experience * Top Secret/SCI * DoD 8570.01 M IAM Level I **Skills, Knowledge and Abilities** * Ability to maintain and modify complex systems or develop new subsystems. * Ability to analyze and recommend optimum approach and develop system design for projects. * Providing timely and courteous customer service.