Job Information
Applied Research Associates, Inc. Information Systems Security Officer (ISSO) in Niceville, Florida
Description
Is your idea of fun getting hands-on experience with networks and servers and building an Information System from the ground up? If so, this is the perfect job for you! Bring your “A” game and join us in the role of Information System Security Officer (ISSO)! Applied Research Associates, Inc. (ARA) is currently looking for a tenacious, logical, and detail-oriented team player capable of diagnosing complex Information Technology (IT) problems. The ISSO is a key member of the security team that supports the Assessment and Authorization (A&A) process for information systems under the jurisdiction of the Defense Counterintelligence and Security Agency (DCSA). The ISSO is responsible for ensuring that the information system complies with the security requirements and controls specified in the DCSA Defense Assessment and Authorization Process Manual (DAAPM) and other applicable policies and regulations. As part of our IT Team, this person will be comfortable working independently but also enjoy working collaboratively and building close relationships with colleagues. This type of individual is willing to proactively take ownership of challenges and is happy to support occasional after-hours work. ARA is a 100% employee-owned company that offers an excellent benefits package that includes medical, dental, vision, retirement and more. This position is located in the city of Niceville, Florida on the Gulf Coast of Florida.
ARA offers an excellent benefits package that includes:
401-K Retirement (both Traditional and Roth) with employer matching
Employee Stock Ownership Plan
Various insurance options including Flexible Spending Plan and a Health Savings Account (HSA)
Paid leave and holidays
ISSO Responsibilities include:
Familiarity with the Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) roles and responsibilities for the ISSO, as outlined in Section 3.7
Coordinate with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) to ensure the highest level of cybersecurity compliance for unclassified and classified information systems
Maintain the Information Systems (IS) security program and policies for assigned areas of responsibility IAW the DCSA DAAPM, assigned NIST 800-53 controls, and other guidance as assigned by the ISSM.
Review and analyze all audit data at least weekly to ensure user activity adheres to operational security policy and procedures.
Review of network device System Log (syslog) information to correlate to system level activity across multiple information systems.
Support ISSM oversight of operational IS security implementation policy and Risk Management Framework (RMF) guidelines to the system administrators.
Support ISSM in the development and documentation of the Plan of Action and Milestones (POA&M) and produce actions to mitigate identified risks.
Perform Continuous Monitoring (ConMon) tasks as assigned by the ISSM and documented within the System Security Plan.
Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event.
Administration of DISA STIG compliance as it relates to Operating Systems and applications.
Facilitate and track all Information System Account requests and expirations for accounts.
Responsible for the preparation and demonstration of compliant classified ISs in advance of DCSA assessments.
Identity and Authorization Management (IAM), including users, groups, and roles on both Windows and Linux systems.
Actively participate in the development and implementation of an effective IS security education, training, and awareness program
Other duties as assigned
ISSO Qualifications:
Position requires 2 to 4 years of related security experience.
DoD Directive 8140.03 (previously DoD 8570): candidate must meet the requirements of an IAT Level II as a condition of employment
Applicant must be a United States citizen and be able to obtain and maintain an Active DoD Security Clearance.
ISSO Skills:
RMF Continuous Monitoring Tooling and Systems (ACAS/Tenable, STIGViewer, SCAP Compliance Checker, etc.)
Cybersecurity tools (Tenable Security Center, Trellix ePO, Tanium, WSUS, RedHat Satellite)
System Administrator experience with Windows Server/Workstation OS, Linux (Red Hat Enterprise Linux)
Ability to manage users on both Windows and Linux environments, security policies (GPOs, SELinux, etc.), domain management (Active Directory, DNS, File Server, etc.), STIG/hardening actions, troubleshooting (Event Viewer, top, netstat, systemctl, etc.)
National Industrial Security Program Operating Manual (NISPOM), 32 Code of Federal Regulations Part 117, and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
Excellent verbal and written communication skills
Attention to detail with high level of accuracy and confidentiality
Initiative, reliability, teamwork and customer service orientation
Additional Consideration for:
Bachelor’s degree in Computer Science, Management Information Systems or equivalent is desired, but not required.
eMASS experience
Scripting and Automation with Shell (PowerShell, Bash), Ansible Playbooks
Writing Policy and Procedure documentation
SIEM tools (Wazuh, Splunk, SolarWinds Security Event Manager)
DCSA Authorization and Assessment Experience
NIST 800-53 Security Control Experience
Company Details:
Applied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 2,250 professionals and is rapidly growing. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.
At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels. ARA gives its employees the tools, training, and opportunities to take more active roles as owners. The culture is challenging; innovation and experimentation are the norm. Employees are recognized and rewarded for their contributions, which add not only to the company’s success but also to their own through the Employee Stock Ownership Plan (ESOP). The motto, “Engineering and Science for Fun and Profit,” sums up the ARA experience. For additional information and an opportunity to join this unique workplace, please visit our website at www.ara.com.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)