Jacobs Info Sys Security Officer-TS/SCI with Poly in Chantilly, Virginia
Challenging Today. Reinventing Tomorrow.
We're invested in you and your success. Everything we do is more than just a project. It's our challenge as human beings, too. That's why we bring a thoughtful and collaborative approach to every one of our partnerships.
At Jacobs, we challenge the status quo and redefine how to solve the world's greatest challenges, transforming big ideas into intelligent solutions for a more connected, sustainable world.
Design your career with a company that inspires and empowers you to deliver your best work so you can evolve, grow and succeed – today and into tomorrow
Jacobs is looking for a Information System Security Officer to join our Sensor Processing Team. Candidates must have a strong Information Assurance/Security background and be capable of coming up to speed on all ICD 503 computing security responsibilities and IA actions. Candidates must have good communication and problem-solving skills, and the ability to work both independently and collaboratively in a team environment as required.
Duties/Tasks and Responsibilities:
Perform all ISSO related duties as required by ICD 503, applicable NRO, IC, DoD policies, procedures and operating instructions related to information Technology, Information Assurance, Information Management (IT/IA/IM)
• Manage the day-to-day system security including physical and environmental protection, incident handling, and information system security training and awareness.
• Maintain the system security plan (SSP), and other related documents, following NRO, IC, and DoD applicable policies, procedures, and templates.
• Maintain and update asset record in SNOW
• Perform continuous monitoring (ConMon) and periodic self-inspections of information systems to ensure security compliance
• Review Nessus security scans, communicate vulnerabilities to technical stakeholders, and perform remediation
• Support customer responses to ongoing information system audits and reviews in accordance with established schedules
• Ensure change control requirements are documented and tracked
• Monitor and track status of applicable patches including IA Vulnerability Alerts (IAVA), IA Vulnerability Bulletins (IAVB) and Technical Advisories (IA) for the information system.
• Conduct periodic reviews of Privileged User (PU) accounts (Developer, Admin, etc.)
• Assist in the creation of new policies/procedures as needed
• Perform Configuration and Change Management for the security relevant IS software, hardware, and firmware, Event Management, Vulnerability Management, Security Incident Management, POA&M Management, Reauthorization, and Decommissioning of IT asset environments
• Maintain Approval to Operate (ATO), including the resolution of any Plans of Action & Milestones (POA&M) documents
• Maintain and validate account and vulnerability management
• Control, label, virus scan, and appropriately transfer data (uploading/downloading) between various information systems as required and Portable Electronic Device (PED) registrations and tracking.
• Provide security design guidance and analysis to the project team throughout the RMF process
• Perform reviews of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strategies
• Develop and maintain a Data Loss Prevention process to investigate, track, and mitigate security incidents.
• Responsible for implementing and maintaining security services tools within the Risk Management Framework (RMF).
• Maintain effective communication with the ISO, AO or DAO, ISSE, SCA ISSM and CPSO
• Provide briefings on the security posture and compliance status of assigned system(s) to Security Management
Here’s What You’ll Need:
· Current CISSP, CompTIA Security+ CE cert, OR CASP+ CE certification
· Top Secret/SCI security clearance with a Poly
· Experience with ServiceNow, and Security Center (SC)
· Experience with HBSS, EVSS, AND/OR EITA bundle onboarding functions and corresponding tool suite
· Possess skills including organizing, scheduling, conducting, and coordinating work assignments to meet project milestones or established completion dates.
· Self-starter who is proactive, efficient with their time, and able to prioritize tasks on a daily basis.
· Experience with computer networks, applications, processes and accesses.
· Be customer-focused and possess the ability to identify issues, analyze, and interpret data and develop solutions to a variety of moderately complex technical problems.
· Demonstrate strong interpersonal skills to effectively interface with all levels of employees and be able to represent the organization as a knowledgeable resource.
· Thorough working knowledge of all applicable NRO, IC, DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM).
· Bachelor’s Degree and 8 years of work experience or equivalent such as Associate's and 12 yrs. or Master’s degree and 5 yrs. experience
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) and supplemental language (https://www.eeoc.gov/sites/default/files/migrated_files/employers/eeoc_gina_supplement.pdf) .