Information Systems Security Officer - ISSO - Seneca Holdings
Charleston, SC
About the Job
Seneca Global Services, LLC is part of the Seneca Nation Group (SNG) portfolio of companies. SNG is the federal government contracting business wholly owned by the Seneca Nation. SNG meets mission-critical needs of federal civilian, defense, and intelligence community customers across a variety of domains. The SNG portfolio receives shared services support from its parent company Seneca Holdings and is comprised of multiple companies that participate in the Small Business Administration 8(a) program. To learn more visit www.senecanationgroup.com and follow us on LinkedIn.
The Seneca Nation Group companies offer competitive compensation and a strong benefits package including comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family. We pride ourselves on our collaborative work environment and culture which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation.
Seneca Global Services, LLC is seeking an Information Systems Security Officer (ISSO) to join a technical team that enables our employees to make a difference in supporting our DOD customer and their mission. The ISSO will be integrated into a team that captures and refines security and privacy requirements for systems and ensures that the requirements are effectively integrated into systems and system elements through security or privacy architecting, design, development, and configuration. The ISSO will serve as the security liaison as it applies to all things physical, personnel, information and cyber, operations, Anti-Terrorism, law enforcement, communications and technical security.
Responsibilities include, but are not limited to:
- Directly support and provide inputs to the ISSM such as, but not limited to, support the Assessment and Authorization (A&A), duties identified in the Continuous Monitoring Plans and to facilitate the Security Controls Assessment for all assigned information systems.
- Assists in the administration and monitoring of the implementation of the Risk Management Framework (RMF) steps and activities throughout system life cycle to ensure appropriate security posture is maintained.
- Implement cyber security program, policies, and procedures for the assigned information systems.
- Maintain a working knowledge of current and upcoming/scheduled events, assigned information system functions, security policies, technical security safeguards, and operational security measures.
- Possess SME-level knowledge of DoD, Defense Intelligence Agency (DIA), and Risk Management Frameworks (RMF) core concepts and processes.
- Coordinate with applicable stakeholders.
- Maintain the Authorization to Operate (ATO) packages, as required, for the assigned information systems in the appropriate A&A System of Record (e.g., XACTA 360, Keystone, eMASS).
- Review/analyze Audit Logs (e.g., Splunk logs, Windows Event (EVTX) logs, Linux syslogs, and others as required) for assigned information systems.
- Perform validation checks to ensure the assigned information systems have the CM-approved software installed, to include Antivirus definitions.
- Perform cyber security compliance/vulnerability scans and manual checks.
- Execute the ISSO-specific duties identified programs Plans for the assigned information systems.
- Implement the account management process for the assigned information systems and issue the appropriate credentials to users.
- Implement the user-centric cyber security education, training, and awareness program, as required by the ISSM.
- Perform other duties as assigned in support of the NCRC mission.
Basic Qualifications:
- Active TS/SCI Clearance required.
- BS from an accredited college or university and 8+ years of experience, other experience may be considered instead of a degree.
- Minimum of 5 years of extensive experience in cyber security, information assurance, and risk management framework processes.
- DoD 8570.0 and DoDD 8140.01 Information Assurance Technical (IAT) Level II or higher.
- 2+ years of demonstrated aggregate experience performing IT application, system, and Network project reviews and providing technical and policy DoD cybersecurity guidance.
Desired Skills:
- Shall have at least one certification requirement listed on DoDM 8140.03, DoD Cyberspace Workforce Framework
- Have background knowledge of:
- VMWare – Virtualization and security (vSphere, vCenter, NSX, ESXi)
- RHEL – Ansible, Kubernetes, StackRox, OpenShift
- AWS/Azure - Cloud technologies/Containerization
- F5 BIG IP and Cisco – networking devices/distributed technologies
- STIG and IAVA implementation
- NetApp – Storage technologies
- Dell Blade Servers
Diversity, Equity & Inclusion Statement:
The Seneca Holdings family of companies is committed to building an inclusive work environment that encourages, supports, and celebrates the diversity of our employees. We recognize that an inclusive corporate culture improves how we support our customers and also improves the collective impact we can make in our communities.
Equal Opportunity Statement:
Seneca Holdings provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital status, genetic information and/or predisposing genetic characteristics, victim of domestic violence status, veteran status, or other protected class status. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation and training. The Company also prohibits retaliation against any employee who exercises his or her rights under applicable anti-discrimination laws. Notwithstanding the foregoing, the Company does give hiring preference to Seneca or Native individuals. Veterans with expertise in these areas are highly encouraged to apply.
