Information System Security Officer (ISSO)

DescriptionIs your idea of fun getting hands-on experience with networks and servers and building an Information System from the ground up? If so, this is the perfect job for you! Bring your “A” game and join us in the role of Information System Security Officer (ISSO)! Applied Research Associates, Inc. (ARA) is currently looking for a tenacious, logical, and detail-oriented team player capable of diagnosing complex Information Technology (IT) problems, implementing workarounds and rapidly resolving incidents. As part of our IT Team, this person will be comfortable working independently but also enjoy working collaboratively and building close relationships with colleagues. This type of individual is willing to proactively take ownership of challenges and is happy to support occasional after-hours work.Responsibilities

Ensuring audits are performed, collected, and analyzed in accordance with established security policy.

Conducting periodic Information Assurance (IA) assessments using automated tools and manual testing, documenting findings and identifying corrective actions.

Ensuring systems are operated, maintained, and disposed of securely.

Implementing the Risk Management Framework (RMF) Continuous Monitoring Strategy for secure systems.

Ensuring all account management documentation is completed prior to adding, deleting, or modifying accounts.

Monitoring system recovery processes to ensure security features and procedures are properly restored and functioning as intended.

Maintaining all training and certification requirements.

Working together with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) as part of the security team, performing additional Information Technology (IT) duties, as required.

CompetenciesRequired: 2 years relevant experience with the following technologies –

Windows Domain Environments

Active Directory Domain Services (ADDS)

Windows 10 Enterprise

Windows Server 2016/2019/2022

DoD Risk Management Framework (RMF)

Machine and User Security Auditing

Preferred: 2 years relevant experience with the following technologies –

Windows Group Policy Management (GPOs)/Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).

Monitoring and auditing technologies

DCSA RMF process

Stand-alone enclave networks

Linux RHEL 7/8/9

NIST 800 Special Publication (SP) family

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

DoD DevSecOps processes

DoD DevSecOps Continuous Integration / Continuous Deployment (CI/CD)

Agile methodologies and practices

ExperienceRequired: Position requires 2 to 4 years of related experience.Preferred: Experience in maintaining networks in a secure government environment would be a distinct advantage to the applicant. Security+ certification preferred. Previous experience as an ISSO/ISSM is desired, but not required.Applicant must be a United States citizen and be able to obtain and maintain an Active DoD Security Clearance.Company InformationApplied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 1700 professionals and is rapidly growing. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels. ARA gives its employees the tools, training, and opportunities to take more active roles as owners. The culture is challenging; innovation and experimentation are the norm. Employees are recognized and rewarded for their contributions which not only add to the company’s success, but also their own through the Employee Stock Ownership Plan (ESOP). The motto, “Engineering and Science for Fun and Profit” sums up the ARA experience.Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)