• Information Systems Security Officer

    Job Locations US-WA-Kent
    Category
    Security and Facilities
    Job ID
    3067
  • Overview

    As part of a small, passionate and accomplished team of experts, you will define, create and maintain the documentation for certification and accreditation of information systems in accordance with government requirements for Blue Origin. You will review information systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades. You will also be required to assess the impacts on system modifications and stay up-to-date on technological advances. This position will directly impact the history of space exploration and will require your dedicated commitment and attention to detail to further the cause of safe, and repeatable spaceflight.

    Responsibilities

    • Write authorization and accreditation (A&A) documentation in support of the Risk Management Framework (RMF) and ensure the systems are operated and maintained in accordance with these system security plans.
    • Perform oversight of day-to-day maintenance of systems, including auditing and tracking end-of-life and patch management status to ensure systems are protected.
    • Identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies.
    • Enforce the design and implementation of trusted relationships among external systems and architectures.
    • Support security planning, assessment, risk analysis, and risk management for customer systems and programs.
    • Assist system engineers in the design of security controls for the desired application or system capabilities.
    • Participate in Engineering and Configuration Review Boards and Working Groups to develop secure system solutions.
    • Recommend system-level solutions to resolve security requirements.
    • Ensure all users have the requisite security clearances, authorizations, need-to-know, and are aware of their security responsibilities before granting access to systems.
    • Conduct periodic reviews and self-inspections (annual/weekly) of information systems to ensure compliance.
    • Utilize security-related software for the detection of malicious code, viruses, and inside threat intruders (hackers) as appropriate.
    • Expected to have a working knowledge of RMF, NISPOM and Information Assurance requirements as well as technical understanding of hardening and mitigating a variety of hardware and software.
    • Analyze vulnerability reports to direct mitigation and remediation actions for all responsible systems.
    • Maintain awareness of organization-specific security and information technology policies.

    Qualifications

    • Current SSBI (within five years) and Top Secret Clearance with SCI eligibility (within two years) required (CI Poly will be required).
    • Requires a Bachelor’s Degree in a technology related field and a minimum of five (5) years’ experience in information assurance and/or cybersecurity.
    • Must meet position and certification requirements outlined in DoDD 8570.01-M for Information Assurance Manager (IAM) level 1(CAP, GSLC, Security+ CE), and able to meet future certification requirements as role expands.
    • Must be highly organized, able to prioritize tasking as well as multi-task, and willing to work in a team environment.
    • Strong critical thinking/analytical skills, attention to detail, creativity, and a sustained commitment to excellence and quality.
    • The position requires excellent oral and written communication skills.
    • Must be able to work flexible hours.
    • Must be a U.S. citizen or permanent resident (current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum

    Desired

    • Experience with developing and updating Certification and Accreditation documentation and system authorization artifacts under the Risk Management Framework (CNSSI 1253/NIST 800-53, etc.).
    • Experience in the use of security related auditing tools in support of RMF requirements.
    • Additional security certifications such as CISSP or specialized Information Security / Cybersecurity certifications.
    • Cybersecurity-related experience in support of IC programs (DoD experience a plus).
    • Previous ISSO and/or System Administration experience.
    • Excellent proficiency with Microsoft Office software (Excel, Word, PowerPoint).

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed