Moog is a performance culture that empowers people to achieve great things. Our people enjoy solving interesting technical challenges in a culture where everyone trusts each other to do the right thing. For you, working with us can mean deeper job satisfaction, better rewards, and a great quality of life inside and outside of work.
Job Title:
Information System Security Officer (ISSO)
Reporting To:
Director, Grp IT
Work Schedule:
Onsite - Buffalo, NY
Moog is looking for an Information Systems Security Officer (ISSO) to support the Information Security Manager in the operation, accreditation, maintenance, and auditing of Information Systems (IS) used to process classified information, and to ensure the operational security posture is maintained in accordance with the system security plans and governing policies (i.e., the DCSA Assessment and Authorization Process Manual (DAAPM) and the National Industrial Security Program Operating Manual (NISPOM) Rule, 32 CFR Part 117).
To be considered for this role, here's what you need to bring with you...
A bachelor's degree in Information Technology, Computer Information Systems, or a related field is preferred.
A two-year IT-related degree with four (4) additional years of related experience can be considered in lieu of a formal bachelor's degree.
Minimum of five (5) years' experience in Information Assurance.
Knowledge of policies such as DAAPM, NISPOM Rule, JSIG, ICD 503, RMF, and NIST Special Publications.
Proficiency installing and supporting Windows, Windows Server, Active Directory and VMware.
Proficiency using vulnerability scanning, auditing, SIEM, DLP, and hardening tools such as Nessus, SCAP Compliance Checker (SCC), USB Device Control, STIGs, Windows GPOs (importing, testing, implementing, modifying, exporting), and PowerShell scripts for automated and routine tasks.
Proficiency performing data transfers and knowledge of data transfer procedures.
Appropriate US Security Clearance (Secret/Top Secret) or be able to meet the requirements to attain and maintain a clearance.
COMSEC-related experience is a plus.
As an Information Systems Security Officer (ISSO), here's what you will do on a daily basis...
Prepare, update, and maintain Risk Management Framework (RMF) documentation such as, but not limited to, Authorization to Operate (ATO) packages, System Security Plans (SSP), Risk Assessment Reports (RAR), Standard Operating Processes (SOP), and Plan of Actions and Milestones (POA&Ms) for all classified networks and systems.
Perform regular auditing, updating, and continuous monitoring of the bootable Information Systems (IS) to ensure the security controls are implemented & maintained in accordance with RMF/ATO.
Maintain complete inventory of IS including software and peripheral hardware.
Assist Data Transfer Agents (DTA) and Facility Security Officer (FSO) to perform file transfers using removable media in accordance with the Assured File Transfer (AFT) policy and procedures.
Coordinate with the ISSM, the Security Control Assessor (SCA), and the Authorizing Official (AO) for all Configuration Management (CM) changes and modifications to the IS software and hardware.
Identify and assess device classification risks and determine appropriate risk mitigation safeguards to maintain security posture.
Schedule, perform, and maintain records of required IS auditing, patching, maintenance, configuration management changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements.
Work with System Administrators (