Information Systems Security Officer (ISSO)

Job Title: Security Architect (C&A Packaging)

Location: Scott AFB

Clearance: TS/SCI

Program: DCRIOS

Centuria, a Service-Disabled Veteran-Owned Small Business (SDVOSB), has been delivering IT, Engineering, and Scientific solutions to the Federal Government since 2002. During our two decades of service we have earned the trust and respect of our government clients for the simple reason that we have great people who are experts in their fields and take pride and ownership in everything they do. 

The Washington Post has recognized Centuria Corporation as one of the top workplaces in the DC Metro area for 2024. This award celebrates nationally recognized companies that make the world a better place to work together by prioritizing a people-centered culture and giving employees a voice. The Top Workplaces USA award is based entirely on feedback from an employee engagement survey completed by the employees of participating workplaces. Centuria is honored to have been awarded this distinction.  

This role will directly support the Air Force's Defensive Cyber Realization, Integration & Operational Support (DCRIOS II) contract under the mission of the 67th Cyberspace Wing (67 CW). The 67 CW's mission is to deliver cyberspace outcomes in order to generate a decisive advantage across the continuum of conflict for the nation.  The wing presents combat cyberspace capabilities to the Service, United States Cyber Command, and the Joint Forces.  In this capacity, the wing acts as the Air Force’s Cyber execution arm for conducting global cyberspace operations.  Additionally, the wing provides organic operations training, cyber capability development, operational testing, and range capabilities to drive readiness across the Cyber Mission Force (CMF). 

Responsibilities:

·       Provide engineering and technical support to ensure the 67 CW systems and their components achieve initial and recurring accreditation. 

·       Support and meet all requirements for Risk Management Framework (RMF) for DoD Information Technology (IT) and Federal Information Security Management Act (FISMA) Reporting.

·       Provide engineering and technical support for the Assessment & Authorization (A&A) standards and processes to achieve uniform quality and a level of consistency throughout the life cycle of the systems. The contractor shall provide the necessary written documentation, technical drawings/diagrams, or spreadsheets to support the C&A process.

·       Provide the RMF surveys and document responses into the Enterprise Information Technology Data Repository (EITDR). The contractor shall ensure the RMF questions are answered to meet or exceed the common minimum standards as required to support annual FISMA reporting requirements.

·       Develop RMF certification packages for accreditation approval and/or maintaining Authority to Operate. The contractor shall develop written documentation, technical diagrams/drawings as part of the RMF A&A package build.

·       Develop (Based on requirements provided, individuals will be requested to research and develop products not already captured), review, document and finalize requirements necessary to satisfy DoD IA controls.

·       Develop the necessary scientific/technical reports, technical drawings/diagrams, and spreadsheets required to satisfy DoD IA controls.

·       Ensure implementation of information security measures and procedures, including reporting incidents to the IA Officer and appropriate reporting chains.

·       Coordinate system-level responses to unauthorized disclosures.

·       Implement and enforce all DoD Information System (IS) and Platform Information Technology (PIT) system cybersecurity policies and procedures, as defined by cybersecurity-related documentation.

·       Ensure that all users have the requisite security clearances and access authorization and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems.

·       In coordination with the Information System Security Manager, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place for authorized users to report all cybersecurity- related events and potential threats and vulnerabilities to the Information System Security Officer (ISSO).

·       Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals.

·       Configure and operate IT systems within the authorities vested in them IAW DoD cybersecurity policies and procedures.

·       Protect authenticators commensurate with the classification or sensitivity of the information accessed and report any compromise or suspected compromise of an authenticator to the appropriate ISSO.

·       Observe policies and procedures governing the secure operation and authorized use of DoD IT systems, including operations security.

·       Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.

·       Maintain IAT 8570 certification of DoD information baseline requirements; approved hardware/software, Security Technical Implementation Guide, vulnerability requirements, etc.

·       Implement and report on violations of AF IA policies and procedures to the appropriate functional manager for supported networks.

Qualifications:

·       BS/BA in related field

·       5+ years of relevant experience

·       IAT II certification

·       Clearance: TS/SCI