218001 - IT Security Officer

Chipton-Ross is seeking an IT Security Officer for a contract opportunity in Rancho Cordova, CA.

BASIC QUALIFICATIONS (REQUIRED SKILLS/EXPERIENCE):

• Ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package

•Ensuring audit records on multiple information system platforms are collected and analyzed in accordance with the approved security plan and discrepancies reported

• Attending technical and security training (e.g., operating system, networking, security management) relative to assigned compliance duties Proficient in reviewing, updating and maintaining security documentation (e.g., SSP's POA&Ms, policies, procedures)
• Familiarity with DISA STIG's and system hardening requirements Monitor, analyze vulnerability assessment data using approved scanning tools (e.g., Tenable/ACAS) and support risk based remediation and mitigation activities.
• Ensuring all users have the requisite security clearances, authorization and need-to-know, and are aware of their security responsibilities prior to granting access to systems Reporting all security-related incidents to the ISSM and/or FSO Conducting continuous monitoring of environments to ensure compliance with security authorization packages

POSITION RESPONSIBILITIES:

• The selected individual will be responsible for ensuring the appropriate operational security posture is maintained for classified information system(s) (IS). The ISSO shall ensure systems are operated, maintained, and disposed of in accordance with Cognizant Security Agency (CSA) approved IS security policies and procedures.
• The ISSO plays an active role in monitoring the system(s) and environment of operation, managing, and controlling changes to the system, and assessing the security impact of those changes to further advise the Information System Security Manager (ISSM) and Facility Security Officer (FSO).

PREFERRED QUALIFICATIONS (DESIRED SKILLS/EXPERIENCE:

• Experience working with information system security principles and practices Government compliance, regulations, and standards (NISPOM, DAAPM, RMF, NIST 800-53, NIST 800-171, DISA STIGS) with special emphasis on risk management framework (RMF) experience
• Familiarity with Splunk, or similar SIEM platforms for log review and security monitoring.
• Experience performing vulnerability assessments using Tenable.sc/Nessus Manager.Knowledge of security content automation protocol (SCAP)

REQUIRED EDUCATION:

• Accredited Bachelor's Degree and 2 years prior experience, 2 year post-secondary/AA Degree and 4 years prior experience. In lieu of degree must have 6 years of experience

WORK HOURS:

• Full-Time