This opportunity is for an Information System Security Officer (ISSO) at Raytheon’s Intelligence, Information and Services (IIS) business unit. The ISSO is responsible for daily operations and successful execution of the Information Assurance (IA) program and assets under their purview. The ISSO is expected to execute requirements to include those outlined within NIST Special Publications 800-37, 800-53, USG and local policies and procedures. The candidate must be proficient with the Risk Management Framework (RMF) and Continuous Monitoring (CONMON) activities. Some key activities of the ISSO include:
Register new information systems and carry out Assessment and Authorization (A&A) activities
Prepare artifacts to include System Security Plans (SSP), Security Controls Traceability Matrix (SCTM), Security Concept of Operations (CONOPS), and detailed technical artifacts to support A&A (e.g., hardware/software mappings, information systems and network configuration diagrams)
Work closely with IT System Administrators to ensure (i.e., verify and validate) technical security controls have been implemented and are compliant to the aforementioned key artifacts and requirements
Review audit data, investigate, report, and remediate security incidents
Execute IA sustainment activities (e.g., hardware and software change management, account management, media protection, file transfers, etc.)
Perform Self Inspections, Auditing, and Continuous Monitoring activities
Interface with Internal/External Customers: USG, Program Managers/Directors, IT, Engineering, etc.
Perform IA training and awareness, incident response, investigation, and resolution
The ideal candidate must possess a strong attention to detail, initiative, written and oral communication skills, teaming skills, technical knowledge, customer service, ability to prioritize and manage time, and the ability to creatively find solutions to complex challenges. Must be willing and able to travel as required up to 10% of work schedule. U.S. Citizenship is required.Required Skills:
U.S. Citizen with a current TS/SCI with CI Polygraph
4 years of experience in Information Systems Security/Information Assurance, Security Engineering, or IT Systems Security Administration
Experience supporting various computer hardware platforms and operating systems in both stand-alone and LAN/WAN configurations
DoD 8570.01M compliant Professional Certification (e.g., Security +, CISSP, etc.)
Working knowledge of operating system security features and settings within Microsoft Windows (i.e., Server, Client) and Linux platforms
Proficient in Microsoft Office applications (i.e., Word, Excel, PowerPoint, Visio)Desired Skills:
In-depth knowledge of ICD-503, NIST Special Publications, CNSS policies, instructions and other requirements associated with RMF.
Practitioner level knowledge and experience with NIST Special Publications 800-37 and 800-53 are essential
Experience with various information system security tools and functions that address vulnerability analysis and mitigation. These may include ACAS, HBSS, STIGS, Log Analysis tools, Anti-Virus, endpoint protection, patch management, SIEMs, etc.
Demonstrated ability to act independently, prioritize tasks, and manage to schedule
Strong written and oral communication skills that include public speaking and presentation
This position can be a G08 or G09, based on education, experience and skillset.Required Education:
Bachelor’s Degree in Computer Science, Information Systems, Information Assurance, Cybersecurity, or related field of study. May substitute experience for education, (i.e., no degree plus 12 years of directly related experience, Associate’s degree plus 8 years of directly related experience.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Security, All, Warfighter Support Services
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated approximately $6 billion in 2016 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
JBRaytheon ICJBMeta // SKCYB85