Information Systems Security Officer - BAE Systems - Quantico, VA

  • 6 Jun 2024 10:38 AM
    ISC2 Admin (Administrator)

    On-site - USD 126,610.00 - 215,270.00 per year

    Job Description
    BAE Systems is seeking a qualified and motivated individual to serve as Information Systems Security Officer (ISSO) at Quantico, VA. The position will support the government Marine Corps customer in a high-paced office environment of military, government civilian, and contractor workers. The work is 100% in-office at the government customer site. The successful candidate will have relevant DOD cybersecurity work experience and excellent interpersonal skills, in addition to meeting the requirements below.

    ISSO Job Tasks:

    • Perform ISSO responsibilities as defined in Marine Corps Orders, Enterprise guidelines, Intelligence Community and other required regulations.
    • Support, create, and update cybersecurity policies, procedures and other supporting documentation to achieve and ensure compliance with regulations.
    • Be responsible for the management and oversight of numerous authority to operate (ATO) packages throughout an information system lifecycle.
    • Ensure security incidents are investigated and reported in accordance with AR 25-2, to include computer viruses and sanitization of highly classified information from information systems.
    • Participate in weekly cybersecurity IPT meetings and attend other program IPT meetings as required to address cybersecurity concerns and ensure integration of required cybersecurity activities into program and system schedules.
    • Participate in, complete, and ensure that the Marine Corps Assessment and Authorization (A&A) activities are integrated into the project planning and executed as planned.
    • Create authorization package records in accordance with Marine Corps Certification and Accreditation Support Tool (MCCAST), Intelligence Enterprise Management Office (IEMO) and other risk management processes for assigned systems, projects, networks or capabilities.
    • Support identification of the system type (IS, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, data classification, tactical, space, etc., to support categorization.
    • Support the determination of the appropriate policies and security categorization in accordance with (IAW) CNSSI 1253 for assigned systems.
    • Support the generation of controls for assigned systems IAW appropriate policies, security categorization, and applicable overlays.
    • Assess and document the security control set for assigned systems to determine the applicability and compliance of the individual controls within the security control set.
    • Support the development of Cybersecurity Strategy, policies, processes, and procedures based on the security categorization.
    • Support the development of Security Plan (SP) and Information System Continuous Monitoring (ISCM) Strategy documentation.
    • Support the Security Control Assessor (SCA) and AO review of the security control set to address any feedback received during reviews.
    • Develop, update, change, and then collaborate with the ISSM and Security Controls Validator (SCV) to develop the Security Assessment Plan (SAP).
    • Support the ISSM and PM in implementing and testing the security control set IAW appropriate regulations.
    • Support the documentation of pre-assessment results in a POA&M and Risk Assessment Report (RAR).
    • Support the SCA and AO review of the pre-assessment POA&M and RAR to address any feedback received during reviews.
    • Support the SCV in conducting the official security validation assessment.
    • Assist the ISSM in providing updates to the Security Validation POA&M to address open vulnerabilities that were verified by the SCV during the official security assessment.
    • Support the ISSM and PM in completing, assembling, and submitting the Security Authorization Package for the SCA and AO review and AO authorization.
    • Support the Security Control Assessor (SCA) and AO review of the security Authorization Package to address any feedback received during the review.
    • Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs.
    • Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements.
    • Perform system audits to assess security-related factors within the IT infrastructure.
    • Review response actions to security incidents.
    • Maintain a repository for all system accreditation/certification documentation.
    • Maintain a repository for all personnel required certifications.
    • Requires a strong working knowledge of Information Assurance (IA) security controls and security technical implementation guides (STIGs).
    • Other duties as required.

    Required Education, Experience, & Skills
    • The position requires a minimum of a Department of Defense Secret clearance to start, with the ability to obtain and maintain a Top Secret SCI clearance.
    • Bachelor's degree in Cybersecurity, Math, Science, or related field.
    • DOD cyber certification as an IAM Level II [CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP]
    • At least 5 years of professional experience in cybersecurity

    Preferred Education, Experience, & Skills
    TS/SCI Clearance

    Pay Information
    Full-Time Salary Range: $126,610 - $215,270

    Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.


ISC2 RVA is a 501(c)3 nonprofit organization.  EIN: 83-4655968