- Battelle delivers when others can’t. We conduct research and development, manage national laboratories, design and manufacture products and deliver critical services for our clients—whether they are a multi-national corporation, a small start-up or a government agency.
- We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
- We are seeking an Information System Security Officer (ISSO) in our Advanced Mission Solutions (AMS) Business Line within our National Security Business Unit. As an ISSO, you will live our core values – Unity, Creativity, Collaboration, Excellence, and Appreciation. This position is located at Wright-Patterson AFB (WPAFB), OH.
As a member of Battelle’s AMS Business Line, you’ll be involved in providing information systems security for a leading-edge modeling and simulation live-virtual-constructive (LVC) testbed project with the Air Force Research Lab at Wright Patterson AFB in Dayton, Ohio. This includes building trusted relationships with our customers and mission partners, collaborating with them to define security requirements and shape the security vision for this project. You’ll work closely with operational and engineering experts to keep the LVC testbed secure against constantly evolving threats.
In this role, you will be challenged to stay current with the latest technological advancements in information security. You will be exposed to advanced technologies and will play a major role in identifying potential threats and intrusions on Information Technology (IT) systems from our adversaries. Together, we’ll address evolving threats to national security, keeping our nation and our warfighter’s safe.
The successful candidate for this role will work within the Risk Management Framework and coordinate with Contractor & Military Information System Security Managers, Officers, and Engineers to obtain and maintain certifications and accreditations for DOD modeling & simulation systems.
- Ensuring systems are operated, maintained, and disposed of in accordance with DOD security policies and procedures as outlined in the security plan
- Verifying the implementation of delegated aspects of the system security program
- Ensuring all proper account management documentation is completed prior to adding and deleting system accounts
- Verifying all system security documentation is current and accessible to properly authorized individuals
- Conducting periodic assessments of authorized systems and providing the ISSM with corrective actions for all identified findings and vulnerabilities
- Ensuring audit records are collected and analyzed in accordance with the security plan.
- Reporting all security-related incidents to the ISSM
- Monitoring system recovery processes to ensure security features and procedures are properly restored and functioning correctly
- Formally notifying the ISSM of any changes to a system that could affect authorization
- Complete required training per DOD 8570.01-M Information Assurance Workforce Improvement Program Manual within six months of appointment
- Ensure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization’s mission and goals.
- Document, implement, and administer security procedures for computer systems (Classified & Unclassified computers and networks) in accordance with Department of Defense (DoD) cybersecurity requirements.
- Read, evaluate, and remediate STIGS, vulnerability scans, and logs
- Advocate for and manage the necessary resources, including technical support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
- Advise senior management senior leadership on risk levels and security posture.
- Advise senior leadership or Authorizing Official of real-world events that could impact the LVC Testbed’s cybersecurity posture and make recommendations for changes.
- Collect and maintain data needed to meet system cybersecurity reporting.
- Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
- Ensure that security improvement actions are evaluated, validated, and implemented.
- Coordinate cybersecurity inspections, tests, and reviews within the network environment.
- Ensure that cybersecurity requirements are integrated into continuity of operations planning.
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
- Identify alternative information security strategies to address security objectives.
- Identify information technology (IT) security program implications of new technologies or technology upgrades.
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program.
- Manage the monitoring of information security data sources to maintain situational awareness.
- Oversee the information security training and awareness program.
- Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
- Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
- Recommend resource allocations required to securely operate and maintain cybersecurity requirements.
- Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
- Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Continuously validate the network against policies/guidelines/procedures/regulations/laws to ensure compliance.
THE FOLLOWING IS REQUIRED
- Meet IAM Level II approved baseline certification requirements (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP) per DOD 8570.01A Manual
- Bachelor’s degree in Information System Security, Cybersecurity, Information Technology, Computer Science, or a related field and 10+ years relevant experience, or equivalent combination of education, training, and experience
- Knowledge of Windows and Linux Operating Systems
- Experience with NIST 800-53, CNSSI 1253, NISPOM and RMF
- Experience generating and submitting successful RMF packages
- Experience with DOD Enterprise Mission Assurance Support Service (EMASS)
- Demonstrated knowledge and experience in the management of IT Security, IT Risk Management Framework (RMF) Compliance.
- Experience with management of servers and Active Directory policies (GPOs)
- Strong knowledge of information systems security components and best practices including firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
- Must have an active DOD Secret (or higher) security clearance
- Strong knowledge and understanding of NIST Special Publication 800-53, ISO27001, DoD 8510.01, NISPOM, & ICDs
- People management and leadership experience
- Experience handling COMSEC materials and loading COMSEC keys
The above statements are intended to describe the nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, activities and skills required of staff members. No statement herein is intended to imply any authorities to commit Battelle unless special written permission is granted by Battelle’s Legal Department.
Battelle’s benefits program supports employees so they can be at their best at home and at work. It’s a comprehensive package including:
- A benefits concierge service to help you understand and use your benefits
- Paid parental leave and family formation support
- A holistic wellness community and employee assistance program offering physical, mental, financial, legal and family support
In compliance with President Biden’s Executive Order 14042 and the Safer Federal Workforce Task Force COVID-19 Workplace Safety: Guidance for Federal Contractors and Subcontractors, Battelle requires all employees to be fully vaccinated against COVID-19 as a condition of employment and continued employment and to provide documentation that they are fully vaccinated. Battelle will provide reasonable accommodations based on a qualified disability or medical condition through the Americans with Disabilities Act or the Rehabilitation Act or for a sincerely held religious belief under Title VII of the Civil Rights Act of 1964 (and related state laws).
Battelle is an affirmative action and equal opportunity employer. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact firstname.lastname@example.org.