Information System Security Officer (ISSO)

Description

Do you love to be on a team of highly skilled, motivated and dedicated professionals charged with protecting sensitive data while administering enterprise Information Systems (IS) that support the Johns Hopkins University Applied Physic Lab (JHUAPL) mission?

Do you want to integrate system administration with Information Security (IS) across Highly Classified networks?

Are you passionate about protecting our Nation’s most sensitive information?

If so, we're looking for someone like you to join our team at APL.

We are seeking a dedicated Information System Security Officer (ISSO) to help us protect APL's Sponsor classified enterprise information technology infrastructure.

As a member of our team, you'll contribute to IS Security Management and oversight of our classified information systems in support of Sponsor/Program needs. You'll join an impressive team of technical specialists motivated by the common goal of supporting APL’s operational security posture across a complex classified infrastructure. You will independently identify and solve technical issues relating to Information Assurance system hardening (ensuring system availability, integrity, authentication and confidentiality).

As an ISSO...

• Your primary responsibilities are aligned to supporting requirements found in the Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) version 2.2 and future updates to include: security relevant documentation such as security CONOPS, Security Controls Traceability Matrix's, System Security Plans, Risk Assessment Reports, Contingency Plans.
• Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan.
• Ensure all proper account management documentation is completed prior to adding and deleting system accounts.
• Verify all system security documentation is current and accessible to properly authorized individuals.
• Conduct periodic assessments of authorized systems and providing the ISSM with corrective actions for all identified findings and vulnerabilities.
• Ensure audit records are collected and analyzed in accordance with the security plan.
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.

• Serve as a member of the Configuration Control Board (CCB).
• Possess sufficient experience and technical competence commensurate with the complexity of the systems.
• Ensure user activity monitoring data is analyzed, stored, and protected in accordance with the ITPSO policies and procedures.
• Execute the continuous monitoring strategy.
• Perform and analyze weekly security audits for nonstandard events. Implement backup solution and ensure a cohesive disaster recovery plan.

• Utilize the Enterprise Mission Assurance Support Services (eMASS) accreditation workflow platform.

• Assist in preparations for and participate in system inspections and take timely action to correct and document any issues or findings and train IS users on items required to eliminate security incidents.

Qualifications

You meet our minimum qualifications for the job if you

• A minimum of 6 years’ experience implementing cybersecurity policy and security controls for classified enterprise information technology systems and have a worked with a Restricted Area, SCIF, or SAPF.

• Possess a Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Data Science, or Software Engineering from an ABET accredited or NCAE-C-designated institution.

• Meet and demonstrate intermediate DoD 8140.03 Cyberspace Workforce Qualification and Management Program requirements through training and/or certifications (Security+, equivalent, or higher).
• Have a strong working knowledge with the DCSA DAAPM or JSIG, NISPOM, and DISA cybersecurity policy to support risk-based decisions and ensure compliance across the enterprise.
• Managed, trained, and led System Administrators (SAs), Information System Owners (ISOs), Information System Security Officers (ISSOs), and other stakeholders to prepare for and meet DCSA DAAPM standards and Defense Information System Agency (DISA) Command Cyber Readiness Inspection (CCRI) or Cyber Operational Readiness Assessment (CORA) standards.
• Managed, documented, and assisted with implementing DISA Security Technical Implementation Guides (STIGs) for operating systems and applications across the enterprise enclave for a minimum of 1 year.
• Have a deep understanding of government cybersecurity compliance standards, regulations, and policies with the ability to communicate requirements to all stakeholders, needed to support the enterprise system to include: configuration changes, application patching, incident response, vulnerability mitigation, and risk management.
• Developed, managed, or had direct implementation responsibility for continuous monitoring programs at the enterprise level.
• Have a working knowledge of Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), DISA STIG Viewer, Splunk or other cybersecurity relevant tools.
• Experience with developing and implementing cybersecurity training for SAs, ISOs, ISSOs, and privileged/general users.
• Experience and technical understanding of high to low / low to high data transfer process
• The ability to support enterprise level compliance requirements with minimal and timely manner to include providing clear and concise rational for decisions to all stakeholders.
• Excellent organizational and communication skills and the ability to effectively interact with managers and technical staff.
• Hold an active Secret or Top-Secret security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

You'll go above and beyond our minimum requirements if you...

• Have more than 10 years’ experience implementing cybersecurity policy and security controls for classified enterprise information technology systems and have a worked with a Restricted Area, SCIF, or SAPF.
• Hold a Master’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Data Science, or Software Engineering from an ABET accredited or NCAE-C-designated institution.

• Meet and demonstrate advanced DoD 8140.03 Cyberspace Workforce Qualification and Management Program requirements through training and/or certifications (CISSP, equivalent, or higher).

• Have cybersecurity compliance experience supporting Collateral, SCI, or SAP Top Secret enterprise information systems.
• Have experience in cybersecurity supporting domains such as intelligence analysis, Security Operations Center (SOC) support, governance and/or risk management, Development, Security, Operations (DevSecOps), computer forensics, policy creation, technical writing, incident response, disaster recover, etc.
• Have working familiarity with Director of Central Intelligence Directives (DCID) or Intelligence Community Directives (ICD) security requirements.
• Have direct experience working for a University Affiliated Research Center (UARC), Department of Defense (DoD) or Department of Energy (DOE) or similar research facilities.

About Us

Why Work at APL?

The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation’s most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.

At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL’s campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities athttp://www.jhuapl.edu/careers.

All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law.APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contactAccommodations@jhuapl.edu.

The referenced pay range is based on JHU APL’s good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis.

Minimum Rate

$90,000 Annually

Maximum Rate

$230,000 Annually