Bowhead seeks a Mid-Level Information System Security Officer to support our customer on the PICRD II contract in Colorado Springs, CO.
Responsibilities• Contribute to planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations.
• Act as alternate COMSEC Responsible Officer (CRO), as designated by ISSM, and manage any additional sub-account users as required.
• Assist in ensuring all classified and controlled systems comply with government-defined security requirements and federal regulations.
• Support the functions of SL-ISSM and SL-ISSO for HQ USSPACECOM sponsored projects up to Top Secret Collateral classification, including SAPs.
• Ensure system authorization packages consider requirements from government agencies and system stakeholders.
• Support HQ USSPACECOM Joint Cyber Cell (JCC) in complying with cyber tasking orders and IA/cybersecurity programs.
• Assist in vulnerability testing and risk analysis as part of DoD and Air Force authorization processes.
• Identify and implement security hardening and corrective actions for hardware, software, applications, and business management procedures.
• Ensure proper implementation of corrective actions and support planning/execution of risk management activities.
• Baseline and improve USSPACECOM risk and security posture, including threat updates, security configuration control, and system security review for software/system purchases and integration.
• Review Cybersecurity Network Defense (CND) tool reports and work with USSPACECOM Government Cyber leadership on RMF packages and ATO status updates.
• Provide updates for monthly documentation on system status, cybersecurity posture, and executive status briefings.
• When ISSM is not available, participate in the Cybersecurity Working Group (CSWG).
• Assist in development, implementation, oversight, and maintenance of an organization cybersecurity program.
• Assist to administer the cybersecurity program, enforce cybersecurity policies/procedures, and ensure all users have requisite security clearances and cybersecurity training.
• Ensure users receive cybersecurity refresher training annually and maintain required countermeasures and compliance measures.
• Assist with implementation and compliance measures IAW DoDI 8010.01, DoDI 8510.01, DoDI 8500.01, AFMAN 17-130, and AFI 10-712.
• Initiate requests for exceptions, deviations, or waivers to cybersecurity requirements and criteria.
• Support and coordinate with the Data Custodian and Government Project Owner/Manager for information security risk management.
• Maintain current system information in the approved RMF accreditation system and conduct hardware/software inventory assessments.
• Provide initial and recurring A&A Interim Authority to Test (IATT) and Authority to Operate (ATO) packages.
• Ensure RMF and ATO packages are complete, accurate, and ready for Command ISSM and AO review.
• Assist with assessments by the Defense Industrial Base Cybersecurity (DIB CS)/Cybersecurity office.
• Review the audit trail of systems weekly for abnormal activities and provide requested metrics (at least once per month).
• Support with NOTAMs, IAVAs, and other security/vulnerability advisories.
• BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE institution.
• Over four years of technical experience.
• Meets the Core and Additional Knowledge, Skills, and Abilities Tasks (KSATs) defined in the DCWF for Work Role 612 (NIST: SP-RM-002).
• Experience performing as a COMSEC Responsible Officer (CRO). Experience creating messages required, for the COMSEC controlling authority’s approval, to obtain NSA’s approval to issue Keying Material (KEYMAT).
• Experience keying, configuring, initializing and operating COMSEC equipment, troubleshooting system failures.
• Experience conducting vulnerability testing and analysis on DoD networks.
• Experience developing RMF packages and conducting ATO Status updates to include drafting of Assessment and Authorities (A&A) Interim authority to Test (IATT) and Authority to Connect (ATC) packages.
• Experience with COMSEC, Computer Security (COMPUSEC), and TEMPEST.
• Experience on Notice to Airman (NOTAM) and Information Assurance Vulnerability Alert (IAVA) and security/vulnerability advisories.
Certification Requirements:
• Required: CompTIA Sec+
• Desired: CASP+, Cloud+, GSEC, PenTest+
SECURITY CLEARANCE REQUIRED: Must currently hold a Top Secret security clearance with SCI eligibility.
Physical Demands:
• Must be able to lift up to 25 pounds
• Must be able to stand and walk for prolonged amounts of time
• Must be able to twist, bend and squat periodically
#LI-MN1
Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC’s Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant’s resume/application may be subject to verification.
Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.
UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
All candidates must apply online at www.uicalaska.com, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (https://uicalaska.com/careers/recruitment/).
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar company recognized as a top Alaska Native Corporation providing services across the Department of Defense and many federal agencies. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs. Join our Talent Community!
Join our Talent Community to receive updates on new opportunities and future events.
Application FAQsSoftware Powered by iCIMS
www.icims.com