Cybersecurity Information System Security Officer (ISSO)
$92,650 - $125,350/Yr
Boeing - Colorado Springs, CO
posted about 2 months ago
Full-time - Mid Level
Colorado Springs, CO
5,001-10,000 employees
Transportation Equipment Manufacturing
About the position
The Cybersecurity - Information System Security Officer (ISSO) at Boeing is responsible for maintaining and implementing information system security policies and standards to ensure the protection of classified information. This role involves leading security analysis, risk assessments, and compliance with industry standards while collaborating with various teams to enhance cybersecurity measures. The ISSO will also serve as a technical leader and advisor, ensuring that all security requirements are met across multiple classified computing domains.
Responsibilities
- Perform security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards.
- Lead and implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems.
- Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL), and support Continuous Monitoring (CONMON).
- Oversee configuration management of assigned systems; auditing systems to ensure security posture integrity.
- Partner with Information Technology, Program Engineering, and Management with security requirements.
- Conduct risk assessments and investigations, execute appropriate risk mitigations, and oversee incident response activities.
- Conduct periodic hardware/software inventory assessments.
- Serve as organization spokesperson on advanced projects and programs.
- Act as advisor to management and customers on advanced technical research studies.
- Interface with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements.
Requirements
- Active U.S. Top Secret Security Clearance (U.S. Citizenship Required).
- IAM Level 1 DoD 8140.01 compliant certification (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC).
- 1+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) including NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS.
Nice-to-haves
- Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC or CISM).
- Experience with cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, and/or NIST SP 800 series.
- Experience in assessing and documenting test or analysis data to show cybersecurity compliance.
Benefits
- Disability insurance
- Flexible spending account
- Health insurance
- Health savings account
- Retirement plan
