Job Description

Are you interested in creating new IT security capabilities and learning new cybersecurity technologies?

Do you want to have a stake in the overall security posture and assessment of the IT infrastructure?

If so, we're looking for someone like you to apply and join our team at APL!

We are ranked as one of Computerworld 's Top Places to Work in IT 5 years running, and we are seeking an Information Systems Security Officer (ISSO) to be responsible for the day-to-day compliance operations of our infrastructure spanning five classified environments. In this role, you will work with a team of knowledgeable Assessment & Authorization (A&A) and security engineers to provide security and compliance oversight of all classified IT assets.

As an ISSO you will...

• Complete full Assessment and Authorization (A&A) life-cycle functions by identifying risk, examining system documentation, interviewing system and site staff, testing system security configurations, reviewing network scans, and developing findings reports.
• Provide support during on-site assessments of US Government Security Control Assessors (SCAs) to demonstrate compliance with technical configuration requirements and implementation and enforcement of written security policy.
• Review and maintain information systems security plans (SSPs) and (A&A) in accordance with DoD mandated polices.
• Recommend system enhancements to improve security postures.
• Provide technical and programmatic Information Assurance services to internal and external customers supporting network and information security systems.
• Design, develop, and implement security requirements within an organization's business processes.
• Lead certification and accreditation activities in the development of security and contingency plans and conduct sophisticated risk and vulnerability assessments.
• Assist engineers with identifying solutions for vulnerabilities, create and map DoD Security Technical Implementation Guides (STIGs), submit change requests for systems, develop a Plan of Action and Milestones (POA&M), and create documents in support of Risk Management Framework (RMF) accreditations.
• Assist with handling cybersecurity risk from a business and organizational perspective by identifying organizational risks, helping to prioritize those risks, and maintaining a risk registry for escalating and communicating those risks to senior leadership.
• Coordinate CCB activities and document changes to the IS.

You meet our minimum qualifications if you...

• Hold a Bachelor's degree in a field related to Cyber Security or equivalent experience.
• Have attended coursework in the areas of cyber security plans, policies and programs, ethics for information technology, and/or security policy analysis.
• ISSO with 2+ years of verifiable experience working with DoD IT enclaves, systems, and solutions.
• Understand the technical configurations of Windows or Linux Operating Systems in physical and virtual environments.
• Perform activities to support receiving and maintaining ATC/ATO for new or existing systems and applications and maintain inventory of ATC/ATO status of systems and applications.
• Are able to multi-task, compromise, and solve problems; have excellent time management and ability to meet operational deadlines.
• Possess good social skills and the ability to communicate effectively with all levels of employees.
• Have experience working in or directly supporting the Department of Defense (DoD) or other U.S. government entities in accordance with Defense Counterintelligence and Security Agency (DCSA) guidelines
• Possess a current DoD 8570 certification (Security+ or CISSP)
• Hold an active Secret security clearance and can ultimately obtain Top Secret level clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

You'll go above and beyond our minimum requirements if you ...

• Possess experience with NIST and/or Risk Management Framework (RMF) security guidance and security control implementation standard
• Possess a current industry certification aligned to DoD 8570 for IAT Level III
• Has the ability to read and understand event logs from Windows and/or Linux using Splunk
• Proven experience with the assessment and authorization of cloud-based solutions and commercial solutions for classified (CSfC)

Why work at APL?

While the Johns Hopkins University Applied Physics Laboratory brings world-class expertise to a broad range of challenges, what makes us truly outstanding is our culture. We offer a vibrant, innovation ecosystem where you can feel safe to share ideas and to continue to grow personally and professionally. At APL, we celebrate our differences and encourage creativity and bold, new ideas and have earned Best Places to Work accolades in outlets such as Fast Companies and Glassdoor.

Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL’s campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at www.jhuapl.edu/careers.

APL is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to promoting an innovative environment that embraces diversity, encourages creativity, and supports inclusion of new ideas. In doing so, we are committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu. Only by ensuring that everyone’s voice is heard are we empowered to be bold, do great things, and make the world a better place.

*Please mention you saw this ad on AcademicJobs.*

Apply Now