V2X is a leading provider of critical mission solutions and support to defense clients globally. The Information Systems Security Officer (ISSO) is responsible for conducting security assessments, performing risk analysis, and ensuring compliance with security policies for training devices.
Conducts regular security assessments and audits on I.T. devices and information system assigned to identify vulnerabilities, security gaps, and non-compliance with security policies and standards in support of U.S. Army's Warfighter Training& Readiness Solutions ( W-TRS) program.
Performs risk analysis to evaluate the potential impact of identified vulnerabilities on the security and operations of training Devices.
Determines the likelihood of a security breach and the potential consequences.
Ensures that all DoD and U.S. Army security policies, procedures, and standards are properly implemented in all training devices.
Prepares for and respond to security incidents involving training devices.
Creates and maintains detailed RMF body of evidence, documentation of all security assessments, audits, incidents, and remediation efforts.
Qualification
Required
B.S. in Engineering, Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or related field; Advanced degree(s) preferred.
Years Experience: (1+MA/MS or 2+BA/BS) or (4+AA/AAS) or (6+No Degree)
8140/8570 DoD Certification; Foundation-Intermediate / Information Assurance Manager I-II (IAM I-II)
Experience conducting regular security assessments and audits on IT devices / Information Systems to identify vulnerabilities, security gaps, and non-compliance with security policies and standards, using both manual inspections and automated tools to scan for vulnerabilities.
Experience participating in the Risk Governance process to provide security risks, mitigations, and input on other technical risk. Prepares and presents reports on the security posture to senior management and other stakeholders.
Experience creating and maintaining detailed RMF Assess and Authorization (A&A) documentation, incident reports, findings from device / information system examinations, summaries, and other situational awareness information.
Experience in supporting necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
Experience with creating / managing plans of actions and milestones (POA&Ms) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Experience ACAS/Nessus vulnerability scans, review audit logs in Splunk to detect suspicious or unauthorized activity, and that all modules are functioning / detecting for HBSS/ TRELLIX.
Experience staying abreast of the latest security threats, trends, and technologies.
Ability to provide continuous evaluations and improve the security measures in place to address evolving security challenges.
Familiar with all DoD Cybersecurity guidance, NIST Special Publications, and U.S. Army Information Technology / Cybersecurity Regulations.
Overseeing an information security training and awareness program.
Must have a current and active U.S. Passport with ability to obtain a DoD SECRET clearance
Preferred
Experience working with DoD / U.S. Army / Federal Government
V2X is a leading provider of critical mission solutions and support to defense clients globally, formed by the 2022 Merger of Vectrus and Vertex to build on more than 120 combined years of successful mission support.
Glassdoor
Founded in 2016
Mclean, Virginia, USA
10001+ employees
https://gov2x.com
V2X is a leading provider of critical mission solutions and support to defense clients globally, formed by the 2022 Merger of Vectrus and Vertex to build on more than 120 combined years of successful mission support.
