Information Systems Security Officer I
Overview
The Information System Security Officer (ISSO) is responsible for supporting the implementation, assessment, and continuous monitoring of cybersecurity requirements across multiple Electric Boat (EB) Information Systems (IS) in support of the U.S. Navy. This role operates in a fast‑paced, mission‑critical environment and plays a key part in ensuring system confidentiality, integrity, and availability. This position reports directly to the Chief of Cybersecurity.
The ideal candidate possesses a strong foundation in cybersecurity principles, and the experience to ensure EB ISs are operated and maintained in compliance with all policies and procedures required by the National Institute of Standards and Technology [NIST] Special Publications [SP] 800-53 (NIST SP 800-53) or 800-171 (NIST SP 800-171).
This position requires a balance of technical knowledge and experience, with strong documentation and reporting skills. Responsibilities include:
- Develop and maintain security plan documents (hardware and software baselines, diagrams, user lists)
- Review, track, and process configuration management changes and associated risk assessments
- Process user agreement forms, ensuring users complete necessary training and meet requirements for access
- Develop and maintain system specific policies and procedures
- Collaborate with system and network administrators to validate configurations and ensure compliance with technical security requirements
- Monitor and analyze system and user activity for indications of security concerns
- Monitoring compliance with vulnerability management requirements
- Identify, document, and report non‑compliance and security gaps, and support corrective action planning
- Supporting incident response activities
- Work closely with the Information System Security Manager (ISSM) and system stakeholders to maintain system accreditation and overall security posture
- Offer guidance and subject matter expertise on implementing and maintaining security controls
- Supporting internal and external inspections and assessments
- Assist with assessment, authorization, and continuous monitoring activities throughout the system lifecycle
NOTE: This is NOT a remote position.
Qualifications
Requirements:
- Minimum of A.S. Degree (or higher) in Cybersecurity, Information Technology (IT) or Equivalent, or related certifications OR a minimum of a high school degree and 1+ years related working experience
- 9+ months of experience with Windows and/or Linux operating systems and configuration and hardening standards
- 1+ years of experience with computer networking concepts
- Ability to obtain and maintain a DoD SECRET clearance
Preferred:
- Experience with the NISPOM, DAAPM, RMF process and NIST SP 800-53 Controls or the DFARS 252.204-7012, CMMC and NIST SP 800-171
- Experience with the Enterprise Mission Assurance Support Service (EMASS) or Supplier Performance Risk System (SPRS)
- Experience monitoring and analyzing user and system activity
- Experience with monitoring security relevant applications (e.g. audit collection, vulnerability management, Security Information Event Monitoring (SIEM))
- Two or more years of experience as an ISSO, System/Network Engineer/Architect/Administrator, or in an Equivalent RMF role
- Professional Cybersecurity certification (e.g. Security+, Network+, CISSP)
Skills
- Strong interpersonal, communication, organizational, and time management skills
- Ability to work independently, and collaboratively as part of a multi-functional team in a fast paced and challenging environment
- Strong documentation development and management skills