IAP Worldwide Services

Apply for this job

Information Security System Officer (Finance)



As the Information System Security Officer , you will be responsible for maintaining the integrity and security of enterprise-wide systems, networks, and applications. You will manage cyber security initiatives through predictive and reactive analysis, articulating emerging trends to leadership and staff. As an active player during enterprise incident response efforts, you will drive incidents to timely and complete resolution. You will review threat data from various sources and develop detection and response capabilities. You understand attack signatures, tactics, techniques, and procedures associated with advanced cyber security threats, and can conduct vulnerability audits and assessments. You will partner and work with the Information Technology department and other Intrepid departments to help remediate findings effectively and efficiently.

As the ISSO, you are expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals in partnership with Intrepid professionals. You'll hold a comprehensive understanding of Intrepid's network environment and develop strategies and processes to securely monitor, protect and defend sensitive data and assets from attack.

ESSENTIAL JOB FUNCTIONS:

  • Develop and execute information security policies and standards.
  • Maintain and update system security plans (SSPs), risk assessments, and POA&Ms in compliance with NIST SP 800-171, NIST SP 800-53, and CMMC requirements.
  • Assist in development and management of Business Impact Analyses (BIA) and Continuity of Operations (COOP) planning
  • Manage Controlled Unclassified Information (CUI) handling
  • Review and assess current cyber security tool set to assist in detection, prevention, and analysis of security threats.
  • Assist in the development of security strategies to respond to and recover from a security breach with strong understanding of Security Operation Center (SOC) operations both on premise and managed.
  • Respond to cybersecurity incidents, conduct investigations, and support incident reporting in accordance with federal guidelines.
  • Interface with government security representatives (e.g., DCSA, DCMA, DoD) during inspections or audits.
  • Provide security awareness training and guidance to users and system owners (i.e. anti-phishing program, monthly cyber updates, etc.)
  • Responsible for the ownership of multiple security products through lifecycle e.g., Data Loss Prevention (DLP), Vulnerability Management, SIEM etc.
  • Lead end-to-end cybersecurity assessments of third-party vendors-draft and manage questionnaires, review audit reports, and negotiate security clauses-understand both U.S. and U.K. requirements.
  • Assist in the software-approval process for on-premises and SaaS solutions and evaluate against security baselines
  • Exhibit leadership skills to lead Intrepid professionals in the resolution of cybersecurity findings by coordinating and using resources on other teams to deliver complex projects and new capabilities for the organization in security space.
  • Exhibit consistency of security project & product delivery involving highly complex projects.
  • Build cybersecurity reports and dashboards for Information Technology and executive management.
  • Review IT systems and business processes to identify information security risks and regulatory non-compliance, and guide remedy of issues noted.
  • Design and deliver training on various Cyber Security initiatives.
  • Monitor and use security toolsets to identify suspicious and malicious activities and inadequate security practices across Intrepid's network (e.g., analyze network traffic, vulnerability scans, identification of computer viruses, unauthorized user activity) which may compromise the integrity and availability of systems.
  • Perform risk assessments and mitigation planning.
  • Facilitate internal and external penetration testing.
  • Participate in ongoing enhancements to the security of existing technologies including network, anti-malware, firewall, IDS/IPS, PKI, etc.
  • Provide ongoing gap analysis of current controls, policies, practices, and procedures as they relate to relevant guidelines outlined by DFARS, NIST 800-171, OMB, FISMA, etc.

EDUCATION & EXPERIENCE:

  • Bachelor's degree in Cyber Security, Computer Science, or related field.
  • 7+ years of experience in a senior information security role.
  • 3+ years of solid understanding of Cyber Security & IT controls, network / systems / application penetration testing and vulnerability assessments
  • Experience with NIST 800-171, NIST 800-53, DFARS and ISO & CMMC frameworks and audits.
  • Experience with HIPAA, HITECH, GDPR, and other IT security governing bodies
  • Familiarity with SCIF/SCAR environments and related security requirements
  • Experience using Windows / Unix / Linux / iOS systems in server and workstation environments. Strong understanding of hardware / software and cloud environments.
  • Expert in analyzing and investigating network and system intrusions, malware attacks and recommend / implement prevention methods.
  • Experience with Data Loss Prevention (DLP) systems, implementation, and process in on premise and cloud environment.
  • Experience in cyber security incident response and breach investigations including forensic investigations.

LICENSES & CERTIFICATIONS:

  • At least one DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DoD 8570 (CISSP, CCISO, CASP, CAP, CISM)

KNOWLEDGE & SKILLS:

  • Excellent verbal and written communication skills.
  • Advanced problem-solving and analytical skills.
  • Accuracy and attention to detail and quality orientation is a must.
  • Must be able to self-organize workloads and manage all deadlines.

TRAVEL: Less than 10%

SECURITY CLEARANCE: Top Secret, or the ability to obtain

Intrepid Global Solutions, LLC.

www.intrepidgs.com

Intrepid Global Solutions, LLC. (IGS), is a leading international services company that provides a broad spectrum of services and solutions to U.S. and international government agencies, and organizations. As a world-class leader in providing seasoned program management, IGS leverages and integrates its capabilities - IT & Communications, Aviation & Engineering Solutions, Power Solutions, Infrastructure & Logistics - to provide safe, innovative, and reliable solutions to meet customers' diverse and complex challenges.

Intrepid Global Solutions, LLC. ("IGS" and/or "Company") and its affiliates, including but not limited to IAP World Services, Inc., and subsidiaries is an EOE, including disability/vets.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Apply

Apply Here done