Sabre Systems is currently hiring an Information System Security Officer (ISSO) to support one of our government customers located at Patuxent River Naval Air Station. This position will use a hybrid work schedule; some days the selected candidate will be in the office on base at Patuxent River Naval Air Station and some days the candidate will be able to work remotely. As the ISSO the selected candidate must be knowledgeable of the cybersecurity policies and procedures for Department of Defense (DoD) information systems and be particularly knowledgeable and experienced in all steps of the Risk Management Framework (RMF). Experience in developing and maintaining Security Packages within the Enterprise Mission Assurance Support Service (eMASS) database tool for collection of artifacts, test results, and scoring to support assessment and authorization of operational and/or Research Development Test and Evaluation (RDT&E) Navy systems is required.
The selected candidate will perform the following duties:
- Provide support to Information Systems Security Manager (ISSM) and System Security Engineer (SSE) in execution of the Cybersecurity Program.
- Perform Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) duties.
- Actively participate in Configuration Management (CM) tasks to ensure cybersecurity postures are not impacted due to a change; notifying the ISSM and SSE when changes occur that might affect cybersecurity authorization(s) and/or certifications.
- Attend required meetings to understand ship/shore installations and testing schedules requiring cybersecurity authorizations or have cybersecurity impacts.
- Provide meeting summary notes for meetings attended to the cyber team for awareness.
- Review cybersecurity Contract Data Requirements Lists (CDRLs).
- Coordinate with contractors/organizations supporting cybersecurity efforts.
- Conduct periodic reviews to ensure systems are operated, used, maintained, and disposed of in accordance with the systems' authorizations, security policies and practices.
- Audit systems in coordination with the ISSM to ensure secure and hardened postures are sustained throughout system lifecycles.
- Report the security status of the authorized environment as required by the Authorizing Official (AO).
- Obtain and sustain cybersecurity authorization packages:
- Review, develop, and maintain cybersecurity authorization documentation IAW the Risk Management Framework (RMF) process and requirements.
- Coordinate implementation and address all security controls to include but not limited to developing security policies, procedures, and guidance for compliance by sites hosting systems.
- Support and document security control tests, assist in remediation, and ensure that Plan of Action and Milestones (POA&Ms) are being appropriately managed and remediated within documented timelines.
- Interpret and verify technical security assessment results from items such as STIGs, EvaluateSTIG, and vulnerability scans.
- Ensure that POA&Ms or remediation plans are in place for vulnerabilities identified during risk assessment.
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plan).
- Update authorization package(s) as systems / software are modified or new components are added.
- Ensure Vulnerability and Patch Management Plan (VPMP) is developed, executed, and sustained.
Qualifications
Requirements:
- Minimum of five (5) years of ISSO or ISSE experience
- Navy Qualified Validator (NQV) certification (or ability to certify) desired
- Navy cybersecurity experience to include:
o Developing RMF packages in eMASS
o Interpreting technical assessment results (STIGs/scans) and/or validating results to provide risk recommendations
o Achieving Authority to Operate (ATO)/Interim Authority to Test (IATT)/Memorandum for Record (MFR) change authorizations
o Creating security-relevant artifacts to satisfy controls
o Coordinating with engineering, logistics, and program management Subject Matter Experts (SMEs)
o Participating in engineering boards
o DoD 8570-compliant industry certification (Sec + minimum, CISSP/CISM preferred) - eMASS expertise (existing account highly desired)
- Program office experience highly desired
- Aviation engineering experience highly desired
- Active DoD Secret Clearance or higher is required
- Must be a US Citizen
Overview
Sabre Systems, Inc., has been providing innovative technological solutions and services for Department of Defense, Federal Civilian, and commercial customers for more than 30 years. We support the ever-evolving areas of advanced communication technologies, cyber, systems and software engineering, digital transformation, and enterprise data management.
As a successful mid-sized company with three decades in business, we continue to uphold our small business values with a core philosophy of putting our people first. Our welcoming and inclusive culture embraces the diverse thoughts, experiences, and unique perspectives of our people, encouraging open communication and feedback at every level of our workforce. We offer a collaborative work environment, learning and development opportunities that benefit even our most seasoned technical professionals, and the support and resources needed to develop impactful solutions for our customers. Your health, happiness, and well-being are at the top of our priority list because we know your personal and professional success depends on it. Sabre offers custom-built and wide-ranging benefits that are continually enhanced to meet the evolving and diverse needs of our Sabre Pros. Join our team and contribute to our thriving, people-driven culture.
Sabre provides an excellent benefits package, which includes healthcare, paid days off, tuition reimbursement, and a 401K plan.
We respect the unique perspectives that a diverse workforce of minorities, women, individuals with disabilities, and protected veterans brings not only to our company, but also to our customers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity and sexual orientation), national origin, age, disability or genetic information.
EOE Minorities/Females/Disability/Veterans; VEVRAA Federal Contractor
#LI-EN1