Information Systems Security Officer/IA
The Johns Hopkins Applied Physics Laboratory (JHU/APL) is an independent, nonprofit organization located midway between Washington, DC and Baltimore, MD that conducts essential research, development, and systems engineering to address national security challenges. JHU/APL is seeking an experienced Information Systems Security Officer/IA to join our team of highly qualified and diverse staff members.
Information Assurance and Systems Administration Support for complex multi-platform (Linux/Windows) classified networks. Responsible for the deployment and enforcement of system security standards in accordance with FISMA, NIST, RMF, NISPOM, DAAPM, and related DoD publications. The individual will serve as the information systems security plan officer and collaborate with a team of network engineers and security professionals to implement technical solutions to maintain network security compliance. The individual will conduct security audits, vulnerability audits, and partake in mitigation solutions. The individual will perform systems administration for multi-platform networks with respect to security compliance. The individual will manage and maintain all information systems security package documentation to DoD/DSS standards.
- Maintain a working knowledge of Government and Laboratory security policies and procedures and the requirements of the Federal Information Security Management Act (FISMA), National Industrial Security Program Operating Manual (NISPOM), National Institute of Standards and Technology (NIST 800-53), DSS Assessment and Authorization Process Manual (DAAPM), DoD Information Assurance Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF).
- Plan, develop, document, and execute the transition of information systems security plans to RMF. Develop and maintain POA&Ms, Information Assurance Vulnerability Management Plan, network diagrams, and related IT plan documentation.
- Conduct vulnerability assessments and continuous monitoring of operational and technical security controls employed by secure networks consisting of Linux and Windows operating systems. Collaborate with network engineers on technical solutions for risk mitigation.
- Experience with security-related software such as SCAP, OpenSCAP, Ansible, STIGs, STIG Viewer, Nessus/ACAS, HBSS, McAfee, and related tools.
- Implement and maintain server solutions to meet requirements under RMF.
- Install, configure, test, and deploy Linux/Windows systems in accordance with established DoD guidelines for OS hardening. Oversee and enforce appropriate configuration management for Domain networked devices.
- Serve as a member of the Configuration Control Board in the review and approval of changes to network security.
Note: This job summary and listing of duties is for the purpose of describing the position and its essential functions at time of hire and may change over time.
- BS degree in Cyber Security, Computer Science, Computer Information Systems, Information Technology, Information Assurance, Systems Engineering, Mathematics, or a comparable field with equivalent years of experience.
- Minimum of three years' experience in one of the following roles: ISSO/Information Assurance Specialist, Systems Administration, or as a Cyber Security Professional for information system security plans
- Systems Administration support for a Linux and Windows environment
- Current DoD 8570 IAT Level II Certification
- Upon hire, completion of DSS STEPP Risk Management Framework (RMF) certification
- Experience with DoD Risk Management Framework (RMF)
- Experience with DoD Information Assurance Certification and Accreditation Process (DIACAP)
- Experience with NISPOM
- Experience in the lockdown of current Windows and Linux Operating Systems
- Experience with DISA STIGs, STIG Viewer, SCAP, and like tools
- Experience with continuous monitoring tools (e.g. HBSS or ACAS)
- Demonstrated ability to maintain a high level of security awareness among IT users
- Ability to meet aggressive objectives, set priorities to meet customer requirements, and exhibit excellent judgement
- Strong interpersonal and documentation skills
- Ability to work independently with minimal guidance as well as in a collaborative environment
- Active Secret Clearance
- MS degree in Cyber Security, Computer Science, Computer Information Systems, Information Technology, Information Assurance, Systems Engineering, Mathematics or a comparable field of study
- DoD 8570 IAT Level III Certification (CASP, CISA, CISSP, GCIH, GCED)
- Four or more years as an ISSO, Information Assurance, Cyber Security Professional for multiple information system security plans to include cross-platform computing and complex network environments
- Experience as a Systems Administrator for Linux and Windows networked environments
- Top Secret Clearance
Special Working Conditions:
Working in Closed Areas.
Applicant selected will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.
APL offers a comprehensive benefits package including a liberal vacation plan, a matching retirement program, significant educational assistance, a scholarship tuition program for staff with dependents, and competitive salaries commensurate with skills and experience. For more information about our organization, please visit our web site at www.jhuapl.edu.
Equal Employment Opportunity:
Johns Hopkins University/Applied Physics Laboratory (APL) is an Equal Opportunity/Affirmative Action employer that complies with Title IX of the Education Amendments Acts of 1972, as well as other applicable laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, or protected Veteran status.