BE A SPARK IN OUR INDUSTRY
JOIN THE METRONOME FAMILY
Every individual has unique passions, career goals, and personal values. We are here to make the connection between those and the needs of our customers. When the stars align, we welcome our new employees - or Pulsers as we like to call them - to the family. We offer competitive benefits to ensure that our Pulsers are well taken care of for whatever comes their way.
Information Systems Security Officer (ISSO) V
- Job Title
- Information Systems Security Officer (ISSO) V
- Requirement ID
- Pasedena, CA
- Other Location
The Special Programs Information Systems Security Officer (ISSO) reports to the group supervisor in 173F, Cybersecurity/Identity Technologies and Operations. An ISSO is responsible for ensuring the appropriate operational cybersecurity posture is maintained for all information systems and as such, works in close collaboration with the Special Programs Information Systems Security Manager (ISSM). The ISSO is assigned responsibility for the day-to-day cybersecurity operations of all information systems, and is dotted lined to the Special Programs ISSM within a facility. The Special Programs ISSO role actively ensures compliance with current Sponsor and JPL Cybersecurity policies, concepts and protective measures.
Customer and contract specific training will be required and provided.
Some travel required.
- Support/Assist the ISSM in meeting their duties and responsibilities. The Level III ISSO may assume alt-ISSM responsibilities in the absence of the ISSM.
- The alt-ISSM should be a SME on all matters in which the ISSM has purview over, to include the Risk Management Framework (RMF)
- The alt-ISSM may serve as a mentor to junior ISSO’s as requested by the ISSM
- The alt-ISSM may also fill in as the Information Systems Security Engineer (ISSE) in order to fulfill technical requirements required within the RMF accreditation process
- Assist in maintaining the day-to-day operations of the Information System (IS) cybersecurity program, RMF requirements and policies for their assigned area of responsibility
- Collaborate with other ISSO’s, IT and CPSO’s when writing RMF accreditations to include: Producing /Developing security RMF documentation (e.g., System Security Plan (SSP), Security Controls Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), supporting artifacts, etc.
- Ensure all information systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the RMF authorization package
- Conduct periodic reviews of information systems to ensure compliance with the RMF package
- Assist in conducting the cybersecurity continuous monitoring required in order to maintain a successful Risk Management Framework (RMF) Authorization To Operate (ATO)
- Support the ISSM in investigating/handling all cybersecurity incidents and coordinating with the SOC, if required.
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM, as well as making changes within the RMF tracking database, and working with ISSM prior to the change
- May sit in the Change Configuration Board (CCB) as a delegate for the ISSM, if required
- Attend program meetings in support of the ISSM, if required
- Assist with data transfers, to include low-to-high and high-to-low
- Assist the ISSM with writing cybersecurity SOP’s in accordance with sponsor directives/requirements
- Keep abreast with industry trends, training and continuing education required to improve their technical knowledge
- Any other duties as assigned by the ISSM
- The candidate must be a citizen of the United States of America
- Offer contingent on ability to successfully pass a background check and drug screen
- Typically requires a Bachelor’s degree with a minimum of 6 years of related Computer Security experience; Master’s degree with a minimum of 4 years of related experience; or PhD with a minimum of 2 years related experience
- Possess one of the Department of Defense (DoD) approved 8570 Baseline certifications for Information Assurance Manager (IAM Level 1) or plan to be certified within 6 months of hire date
- Successful experience with system hardening, configuration testing, continuous monitoring and scanning using any of the tools: SCAP, Nessus, Snort, Splunk
- Willingness to submit to a Counterintelligence polygraph
- Recent experience implementing the Intelligence Community Directive (ICD) 503 and Risk Management Framework (RMF) principles, Assessment & Accreditation lifecycle, National Institute of Standards and Technology (NIST) Special Publications including 800-53, Federal Information Processing Standard (FIPS) Publications 199 & 200, and Defense Security Service (DSS) processes including Office of the Designated Approving Authority (ODAA) Business Management System (OBMS) web-based system
- Knowledge of security concepts and best practices such as defense in-depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.
- Strong technical and social skills providing accountability and day-to-day support in ensuring classified automated information systems (AIS) are protected and operated in accordance with governing policies and related manuals.
- Preferred (ISC)2 Certified Information Systems Security Professional (CISSP) or CompTIA Security+ Continuing Education (CE) certification in good standing
- Experience with Security Repository Tools such as Telos Xacta IA Manager or Trusted Agent FISMA (TAF)
- Experience and knowledge of using Security Information and Event Management (SIEM) tools including; Splunk ES to analyze relevant security events and alerts
- Implement tools and techniques in support of Insider Threat Mitigation Program
Required Certifications: See Requirements (above). Will be able to obtain DoD 8570 Level III cert within 6 months.
Working Conditions: Work is typically based in a busy office environment and subject to frequent interruptions. Business work hours are normally set from Monday through Friday 8:00am to 5:00pm, however some extended or weekend hours may be required. Additional details on the precise hours will be provided to the candidate from the Program Manager/Hiring Manager.
Physical Requirements: May be required to lift and carry items weighting up to 15 lbs. Requires intermittent standing, walking, sitting, squatting, stretching and bending throughout the work day.
Background Screening/Check/Investigation: Successful Completion of a Background Screening/Check/Investigation will be required as a condition of hire.
Employment Type: Full-time / Exempt
Benefits: Metronome offers competitive compensation, a flexible benefits package, career development opportunities that reflect its commitment to creating a diverse and supportive workplace. Benefits include, not all inclusive – Medical, Vision & Dental Insurance, Paid Time-Off & Company Paid Holidays, Personal Development & Learning Opportunities.
- Required Skills