Job Description: This opportunity is for an Information System Security Officer (ISSO) at Raytheon’s Intelligence, Information and Services (IIS) business unit. The ISSO is responsible for successful execution of Information Assurance (IA) requirements for Special Programs. The ISSO will be responsible for performing Risk Management Framework (RMF) activities outlined in applicable governing documents such as: JSIG, CNSS, ICD 503, NIST Special Publications 800-37 and 800-53, and various DoD Manuals/Instructions/Guides.The candidate must be proficient with RMF and Continuous Monitoring (ConMon) activities. Some other key activities of the ISSO include:
The ideal candidate must possess strong attention to detail, initiative, written and oral communications skills, teaming skills, technical knowledge, customer service, ability to prioritize and manage time, and the ability to creatively find solutions to complex challenges. This position can be a G08/G09, based on education, experience and skillset.
- Register new information systems and perform Assessment and Authorization (A&A) activities
- Prepare artifacts to include System Security Plans (SSP), Security Controls Traceability Matrix (SCTM), Risk Assessment Reports (RAR), Security Concept of Operations (CONOPS), and detailed technical artifacts to support A&A (e.g., hardware/software mappings, information systems and network configuration diagrams)
- Work closely with IT System Administrators to ensure (i.e., verify and validate) security controls have been implemented and are compliant with requirements
- Review audit data, event logs, investigate, report, and remediate security incidents
- Execute IA sustainment activities (e.g., hardware and software change management, account management, media protection, assured file transfers, etc.)
- Works closely with the Information Systems Security Manager (ISSM)
- 4+ years of experience in Information Systems Security/Information Assurance, Security Engineering, or IT Systems Security Administration
- In-depth knowledge of RMF, JSIG, NIST Special Publications, CNSS policies, instructions and other requirements associated with RMF. Practitioner level knowledge and experience with NIST Special Publications 800-37 and 800-53 are essential
- Experience with various information system security tools that address vulnerability analysis and mitigation. These may include ACAS, HBSS, STIGS, operating system logs and log analysis tools, Anti-Virus, endpoint protection, patch management, etc.
- Knowledge of computer forensic tools and investigative methodologies
- Knowledge of typical operating systems and key security features
- Knowledge of TCP/IP networking, intrusion detection, network monitoring, security incident and event management
- Proven ability to act independently, prioritize tasks, and manage to schedule
- Proficient in Microsoft Applications (Word, Excel, PowerPoint, Visio, etc.)
- Strong communication skills with the ability to communicate effectively in both oral and written modes, and be able to author and present subject specific presentations. Comfortable with public speaking
- Must be willing and able to travel as required up to 10% of work schedule
- DoD 8570.01M compliant professional certification (e.g., Security +, CISSP, etc.)
- Bachelor’s Degree in Computer Science, Information Systems, Information Assurance, Cybersecurity, or related field of study; or 8 years of directly related experience in lieu of education
Required Education (including Major):
- US Citizen with current TS/SSBI
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated approximately $6 billion in 2016 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
Security Clearance: SSBI - Current
Relocation Eligible: No
Security, Warfighter Support Services, All