Job Purpose
The Level II Information Systems Security Officer (ISSO) will support the development and maintenance of Authority to Operate (ATO) packages, provide cybersecurity planning, and ensure compliance with relevant security standards and guidelines. The ISSO will coordinate and implement security measures across various systems and participate in hardware and software deployment activities.
Duties and Responsibilities
The job duties and responsibilities include, but are not limited to the following:
- Conduct risk assessments to identify potential security threats and vulnerabilities.
- Support new ATO packages in eMASS and XACTA.
- Provide cybersecurity planning and maintenance services, including updates of security documentation to reflect new or changed physical configurations and security requirements.
- Coordinate the implementation of security measures in workstations, servers, and other system components.
- Ensure that hardware and software deliverables meet cybersecurity requirements as specified under DoDI 8500.01, RMF IT, and NIST SP 800-53, including guidance from Authorizing Officials (AOs).
- Participate in the design, implementation, testing, and deployment of hardware and software for ONI networks.
- Evaluate scans, artifacts, plans, and STIGs to ensure compliance with all system security controls, facilitating waivers as required.
- Ensure that hardware and software delivered to the Partnerships and Capabilities Directorate (N3) for ONI networks comply with accreditation/authorization terms and conditions.
- Ensure that system hardware and software installation on ONI networks complies with ONI assessment and authorization (A&A) processes for all enclaves and cross-domain systems.
- Develop, maintain, and update security documentation, including System Security Plans (SSPs), security assessment reports, and plans of action and milestones (POA&Ms).
- Prepare and manage Authority to Operate (ATO) packages and other accreditation documentation.
- Monitor information systems for security incidents and vulnerabilities.
- Conduct regular security audits and assessments.
- Report security status and incidents to appropriate authorities and stakeholders.
- Stay updated on the latest security threats, trends, and technologies.
- Continuously improve security processes and controls to enhance the overall security posture of the organization.
Qualifications
Minimum Education & Experience:
- Bachelor's degree in computer science, information technology.
- IAT Level 2 certification in Information Systems Security.
- Minimum 3 years of experience in IA technology, NE and advanced CE.
- Experience with categorizing, STIGing, and developing ATO packages using the RMF playbook.
- Proficient in eMASS and XACTA.
- Strong understanding of DoDI 8500.01, RMF IT, and NIST SP 800-53 guidelines.
- Experience in cybersecurity planning and maintenance.
- Strong analytical and problem-solving skills.
- Excellent communication and teamwork abilities.
About Alakaʻi Services Group Inc. / Poʻe Hana Group, Inc.
Alaka‘i Services Group Inc. (ASGI), a subsidiary of the Alaka‘i Foundation Group Inc., is a Native Hawaiian Organization (NHO)-Owned Small Business serving the U.S. Department of Defense and other Federal Government Clients.
Headquartered in Honolulu, Hawaii, Poʻe Hana Group, Inc. (PGI) is a talent management, staffing, and administrative support services company. PGI specializes in providing HR and administrative services to the Alakaʻi family of NHO companies.
PGI is an Equal Opportunity Employer and strives to provide equal employment opportunity to all applicants and staff in accordance with sound employee relations practices and federal and state laws. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, marital status, ancestry, genetic information, pregnancy status, or any other characteristic protected by law.