Information Systems Security Officer- Journeyman Security Clearance

Position: Information Systems Security Officer- Journeyman with Security Clearance
Location: Hill Air Force Base

Position Title:

Information Systems Security Officer
- Journeyman

Location:

Hill AFB, Utah Clearance:
**** This position requires an Active Secret Clearance
**** Salary: $ - $

Position Summary:

Command Cyber Solutions is looking for an Information System Security Officer (ISSO) Journeyman to support HILL COMPONENT ENTERPRISE DATA CENTER (CEDC) IT OPERATIONS AND MAINTENANCE SERVICES located at Hill Air Force Base, Utah ( HAFB) . This program aims to modernize legacy USAF network infrastructure and migrate services into Cloud Environments. The Information Systems Security Officer (ISSO) is responsible for ensuring the confidentiality, integrity, and availability of assigned information systems in accordance with Department of Defense (DoD) and Department of the Air Force policies and procedures.

The ISSO will play a crucial role in implementing and maintaining a robust cybersecurity posture, conducting security assessments, managing risks, and ensuring compliance with applicable regulations and standards. This position requires a strong understanding of information security principles, DoD security requirements, and excellent communication and problem-solving skills.

Essential Duties & Responsibilities:

* Security Planning and Implementation:

* Assist in developing, implementing, and maintaining security plans, policies, and procedures for assigned information systems in accordance with DoD Instruction 8510.01 (Risk Management Framework for DoD Information Technology) and other applicable guidance.

* Assist in the selection and implementation of security controls to protect information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

* Assist risk assessments and vulnerability assessments to identify security weaknesses and recommend mitigation strategies.

* Work with system administrators and other IT personnel to ensure security controls are properly implemented and maintained.

* Security Monitoring and Incident Response:

* Monitor information systems for security incidents and anomalies, and investigate and respond to security incidents in accordance with established procedures.

* Analyze security logs and other data sources to identify potential security threats and vulnerabilities.

* Report security incidents to the appropriate authorities, including the [Insert Organization's Incident Response Team].

* Participate in incident response exercises and drills.
* Compliance and Audit:

* Ensure that assigned information systems comply with all applicable DoD security policies, regulations, and standards, including but not limited to:

* DoD Instruction 8510.01 (Risk Management Framework for DoD Information Technology)

* NIST Special Publications (e.g., SP 800-53, SP 800-37)

* Security Technical Implementation Guides (STIGs)

* Information Assurance Vulnerability Alerts (IAVAs)

* Conduct regular security reviews and audits to verify compliance with security requirements.

* Prepare and maintain documentation to support security audits and assessments.

* Assist with the development and implementation of corrective action plans to address security deficiencies.

* System Authorization and Accreditation (A&A)

* Manage the A&A/A&A process for assigned information systems, including the preparation of security documentation (e.g., System Security Plan, Security Assessment Report, Plan of Action and Milestones (POA&M)).

* Coordinate with authorizing officials and other stakeholders to obtain and maintain system authorizations.

* Ensure that systems are operated in accordance with their authorization. Education, Certification & Experience Requirements:
Certification/

Clearance Required:

* Active Secret Clearance

* Security+ CE Certification Education/Experience

Required:

* Bachelor's Degree in Business or IT related field with three (3) or more years of experience in Information Security, Vulnerability Management or related field. Master's Degree and 2+ years of experience can be substituted.

Must have relevant Air Force Risk Management Framework (RMF) experience
* Must have experience with one or more of the following:
* Experience successfully getting systems through the complete ATO process
*…