Sr. Information Systems Security Officer (ISSO)

Please review the job details below.

Maxar is seeking solutions-oriented head Information Systems Security Officer (ISSO) to work in an agile and fast paced customer environment supporting a user base with a mission to solve unique and challenging problems in support of national security.  We are seeking an ISSO who can collaborate as a team partner with a dynamic full technology stack engineering team working on a large scale Government Information System (IS) in both operations and new development.   The head ISSO shall be responsible for performing the activities necessary to ensure the security of systems as well as the security of information within those systems. The ISSO will be responsible to performing activities to respond to Government enterprise cyber security actions and maintain the IS compliance with enterprise security requirements.  The ISSO will work on the accreditation and re-accreditation of Government ISs at multiple classification levels.  The ISSO must possess technical, organizational and teamwork skills necessary to support the security of complex US Government Information Systems.

Note: US citizenship and an active TS/SCI clearance is mandatory for this position and required for consideration. Consideration to acquire CI Poly possible.

Location:  Northern Virginia (Herndon or Springfield)

Principal Responsibilities:

• Program Cyber Security Execution
  • Execute all aspects of the cybersecurity program for Government Information Systems at multiple classification levels including:
    • Conduct vulnerability scan analysis and remediation plan creation and coordination
    • Work collaboratively with the technical team to manage and execute the program Continuous Monitoring (CONMON) process
    • Work with the team’s Product Owners to drive cyber security awareness and requirements into the program development process
    • Work with the team’s Product Owners to gather, assess and manage cyber security artifacts collected during virtualization environment tenant onboarding
    • Work with the ISSE and technical team to write and successfully execute Plans Of Action and Milestones (POA&Ms) to address cyber security issues and liens
    • Work with the program ISSE, accreditors and other system stakeholders to accurately represent the program’s cyber security posture to key Government decision makers
    • Work with the program ISSE and technical team to develop and document security controls implementations and create IS accreditation packages to include:
      • Security Concepts of Operations (CONOPS)
      • System Security Plans (SSPs)
      • Business Continuity/Disaster Recovery Plans (BCDRPs)
      • Controls Family Policy and Procedures documents
  •  Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Acquire detailed system and programmatic knowledge while executing the cyber security program to develop subject matter expertise in the following areas
    • The technical architecture of the supported ISs
    • The organizational structure of the program’s cyber security practice
    • The documentation of the program’s cyber security controls
    • The missions supported by the program
    • The compliance requirements levied on the system by the Government enterprise

Experiences and Skills Required

• Bachelor or Master degree in Information Technology, Information Assurance, Cyber Security or a related discipline plus 5+ years of experience
• Security+ CE (SY0-601) or comparable certification
• Demonstrated experience with DoD IA/Cybersecurity Directives
• Working knowledge of the Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) and how they are applied to ISs
• Experience using Tenable  Assured Compliance Assessment Solution (ACAS) scanner or similar vulnerability scanners
• Working knowledge of the Risk Management Framework (RMF) process as driven by ICD 503
• Working knowledge of the National Institute of Standards and Technology (NIST) Special Publication 800 series
• Excellent verbal and written communication skills with the team, stakeholders and Government
• Willingness to work in a SCIF 90+%
• Active TS/SCI clearance and US citizenship (open to obtain CI polygraph)

Additional Skills Desired

Some familiarity in these areas would be fabulous.

• Advance cyber security certifications such as Certified Systems Security Professional (CISSP), Global Information Assurance Certification, CISSP certification, DoD 8570 certification or similar

• Demonstrated experience working in the cyber security program of a large, multi-tiered, multi-classification level system
• Demonstrated experience pre-empting, identifying and mitigating security incidents
• Demonstrated experience working in a diverse, fast-paced, high-intensity team environment
• Familiarity with large scale virtualization environments and cloud computing systems
• Familiarity with Big Data and  GIS systems  
• General proficiency at the Linux command line
• Knowledge of one or more scripting languages useful in the analysis and reduction of large data sets (Python, VBA or similar)
• Demonstrated experience with XACTA 360
• Demonstrated experience with Service+
• Familiarity with cyber security technology (SIEM tools, Firewalls, IDS, IPS, etc.)

#cjpost

#LI-RD

#LI-Onsite

$107,000.00 - $229,000.00 annually.

We offer a comprehensive package of benefits including paid time off, health and welfare insurance, and 401(k) to eligible employees. You can find more information on our benefits at: https://www.maxar.com/careers/benefits

Additionally, this position is incentive eligible with a target based on contribution, company performance, and/or individual results achieved; the specific incentive plan and target amount will be determined based on the role and breadth of contributions.

This position will be posted for a minimum of three business days, and will be posted until a qualified candidate has been identified for hire. 

Maxar employees must follow all applicable Maxar policies and COVID-19 requirements as well as those of Maxar customers and third parties. Individual job requirements may vary, and Maxar reserves the right to modify its policies and requirements as it deems appropriate in accordance with applicable law.

Maxar Technologies values diversity in the workplace and is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.