Information System Security officer (ISSO) - Security Clearance Required

Kratos Defense & Security Solutions, Inc., is a leading defense technology company focused on unmanned systems, satellite communications, cyber security/warfare, microwave electronics, missile defense, training, and combat systems. Our customers include the U.S. federal government, foreign governments, commercial enterprises, and state and local government agencies. At Kratos, we prioritize affordability as a cornerstone of our technology. We leverage proven, cutting-edge methodologies and technology to minimize costs, streamline schedules, and mitigate risks, ensuring timely delivery of cost-effective solutions to market.

Kratos Unmanned Aerial Systems (KUAS), a division of Kratos Defense, is renowned for its expertise in developing, delivering, integrating, and supporting high-performance, cost-effective, jet-powered Unmanned Aerial Systems (Targets and Tactical). As a mid-tier defense contractor, we've demonstrated agility and innovation in providing aircraft to the US military and global allies and partners. Our track record of delivering top-notch jet-powered subscale targets has established us as a go-to defense contractor capable of delivering capabilities at an affordable price.

At KUAS, we prioritize innovation, collaboration, and growth. Our team collaborates to cultivate a supportive and dynamic workplace, fostering creativity and promoting professional development while honoring personal and family lives. Join our team and help shape the future of unmanned technology within the defense industry today!

GENERAL JOB SUMMARY:

The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO) and Information System Security Manager (ISSM) on all matters, technical and otherwise. The ISSO will perform a classified cyber security role supporting multiple programs with working knowledge of the Risk Management Framework (RMF).

ESSENTIAL JOB FUNCTIONS:

• Maintains/recommends changes of the cybersecurity program to the ISSM.



• Participates in the development and implementation of security procedures.
• Works with ISSM to develop operational information systems security.
• Leverages guidance pertinent to all applicable directives and publications



• Participates in the generation and maintenance of RMF documentation.
• Plays an active role in monitoring a system and its environment of operation to include developing and updating the system artifacts, managing, and controlling changes to the system and assessing the security impact of those changes, in close coordination with the ISSM.
• Reviews artifacts pertinent to an information system ensuring Authorization to Operate (ATO) compliance.
• Coordinates with ISSM/CPSO on approval of external information systems
• Maintains, per individual system and its accreditation, a baseline of configuration, hardware, software, and firmware.
• Maintains, updates, and executes information system continuous monitoring plan.
• Ensures data ownership and responsibilities are established for each IS and specific requirements (e.g., accountability/access/special handling requirements) are enforced.
• Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.



• Maintains a working knowledge of system functions, security policies, technical security safeguards and operational security measures.
• Ensures adherence to these information system security policies and procedures.
• Ensures proper procedures are followed, per the Cyber Incident Response Plan, when information system security incidents are discovered.
• Disseminates appropriate documentation to all applicable personnel.



• Assist with development of an effective information system security education, training, and awareness program.
• Ensures initial, annual and ias needed training is accomplished and documented.



• Prepares audit/event reports for ISSM review, highlighting any/all anomalies.
• Ensures events captured are as outlined in applicable directives and publications.



• Participates in scheduling periodic testing to evaluate the security posture of IS.
• Coordinates with disinterested parties to employ various intrusion attacks.
• Ensures all system security-related vulnerabilities are documented and ensure serious/unresolved violations are reported to the AO/DAO



• Ensures systems are operated, maintained, and disposed of according to the policies and procedures outlined in the security authorization package.
• Advises users on the proper operation of a specific IS as outlined in its SCTM.
• Assists SAs in the approved maintenance procedures as approved by the ATO.
• Provides guidance, based on component classification, before purging and release



• Ensures system administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
• Confirms domain/local policies are configured to meet regulatory requirements.
• Monitors system backup and recovery processes to ensure security features and procedures can be properly restored and are functioning correctly.



• Serves as member of the configuration change board (CCB).
• Coordinates any configuration changes of a system with the ISSM prior to the change.
• Assesses changes to the system/operational needs that could affect its accreditation.
• Voting/veto member of the CCB for all systems.



• Assists with coordination between Kratos Security and Defense and Government authorities regarding system security posture requirements.
• Participates in information system security inspections, tests, and reviews.
• Ensures ISSM understands inspection timelines, operational impacts, and results.
• Serve as a member of the COMSEC Team.
• The ISSO shall assume ISSM responsibilities in the absence of or if no ISSM is assigned.
• Assists the ISSM in meeting their duties and responsibilities.



• Interfaces with internal and external customers, program managers, IT, security staff, etc.
• Maintains required DoDD 8570.01 IAM level II certifications.
• Attends required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.





• Provides technical guidance as a non-voting member of the configuration change board.
• Other duties may be assigned.

SUPERVISORY RESPONSIBILITY:

None

COMPENSATION:

$100,000 - $140,000

Keyword: Cyber security, RMF documentation, ISSO
Required Experience:

KNOWLEDGE, SKILLS & ABILITIES:

Required:

• Ability to maintain sensitive and confidential information as required by government standards.
• Ability to interact effectively with peers and supervisors.
• Ability to interact appropriately with the public when necessary.
• Ability to adhere to workplace rules.
• Ability to effectively communicate professionally in writing or verbally with all levels of personnel.

Preferred:

N/A

EDUCATION AND EXPERIENCE:

Required:

• Must have active security clearance (within 5 years of last investigation)
• 2+ years of ISSO experience in a TS/SCI environment supporting a government customer or 7+ years as System Administrator/Cyber Support to classified systems
• Must be willing and able to be SAP briefed
• Experience conducting vulnerability scans and interpreting results
• Certification level to meet DOD Directive 8570.01-M IAM II requirements

Preferred:

• BS/BA in Information Technology, Computer Science
• Security + or Higher Certification

WORK ENVIRONMENT/PHYSICAL REQUIREMENTS:

• Office and/or manufacturing environment.
• Ability to stand and sit for long periods of time.
• Ability to perform repetitive motion (keyboarding, 10-key, phones).
• May be required to lift up to 50 pounds in accordance with KUAS General Safety Training guidelines.
• May work extended hours or weekends and have on-call schedule/duties.

TRAVEL REQUIREMENTS:

25%-50% travel may be required between customer site and/or other Kratos Unmanned Division locations.

#LI-Onsite

From: Kratos Defense