New York Seasonal Jobs

Description:

Job Title: Information System Security Officer (ISSO)

Job Code: SAS20230803-98155

Job Location: Rochester, NY

Job Description: Implements the day-to-day information system security program for the assigned secure areas, classified information systems and classified programs under the guidance of the Information System Security Manager (ISSM). Works directly with the Contractor Program Security Officer (CPSO), Program Managers and program personnel to ensure customer regulations, laws and policy are followed (i.e. NISPOM, JSIG, and/or ICD-503). Implements, tests, documents and continuously monitors applicable system security controls with the goal to ensure all systems are authorized to operate. As an on-site security professional, the ISSO’s responsibilities include management and execution of all classified information system security for the facility to include asset management, inspection for prohibited technology, system auditing, user accounts (help desk support), user security support, vulnerability management, vulnerability scanning, document control (sanitization/degaussing/destruction), and system access control.

Exhibits the dedication and expectation of excellence required of a seasoned security professional while working and making decisions independently without direct supervision. The ISSO works as a team player, exhibits flexibility, sets priorities, and manages customer expectations. The ISSO interacts with internal and external customers or Government security officials in performance of security duties. The incumbent is responsible for supporting and enacting all L3Harris corporate policies including the protection of L3Harris’ intellectual property.

Essential Functions:

• Authoring and maintaining bodies of evidence (BOE) for assessment & authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF)

• Perform security control assessments as part of the systems’ initial standup and then executing the continuous monitoring plan

• Overseeing and enforcing the configuration management of assigned systems

• Work with IT organization to develop device and system hardening guides following DISA, JSIG and NIST guidelines

• Analyze and review vulnerability scan data using tools such as Nessus

• Provide vulnerability remediation actions to IT Admins and track vulnerabilities remediation timelines

• Audit systems to ensure security posture is maintained in accordance with applicable guidelines. This will be completed through the use of SIEM tools such as Splunk

• Conduct periodic hardware/software inventory assessments

• Identify ineffective system security controls and work towards establishing a timeline to remediation or risk acceptance.

• Conducts, documents and reports annual self-assessments

• Assist ISSM with investigation of security incident

• Author and deliver security education training to range of audience levels

• Manage and provide media release and transfer between systems of different classifications

• Manage a help desk queue for user accounts and security support

• Responsible for ensuring the formulation, establishment and execution of security policy, procedures and protocols pertinent to the facility consistent with National Industrial Security Program, Joint Special Access Program Implementation Guide (JSIG) or Intelligence Community Directives (ICDs) requirements

• Determine customer security requirements and ensure requisite security access requests with applicable government agencies

• Responsible for effective communications regarding security by interfacing with with external customers (Government, Associate Contractors, Subcontractors, former employees) and teams internal to the L3Harris organization

• Foster teamwork and collaborative efforts among security group members to ensure timely completion of group project tasks and responsibilities.

  Qualifications:

• Bachelor’s Degree and minimum 4 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience.

• An active security clearance is required, TS with SCI Eligibility

• DoD 8570 IAT Level II Certification (Security+ CE)

• 2+ years' experience with the DoD JSIG and/or ICD 503

  Preferred Additional Skills:

• 4+ years’ experience as an ISSO supporting or managing cybersecurity on classified systems

• Experience developing, managing, providing evidence to close POA&Ms associated with the A&A and project management processes

• Experience with building and maintenance networking equipment (Router, Switch, Firewall)

• Experience with Microsoft and Linux based operating systems

• Experience reviewing logs on workstation, server, firewall, & IPS/IDS

• Experience with DISA STIGs and SCAP Compliance Checker

• Experience interpreting vulnerability scanning results (Nessus, ACAS, etc.)

• Experience with ServiceNow CRM

• Experience with DAAPM, JSIG and ICD 503 based authorization and accreditations

L3Harris Technologies is proud to be an Affirmative Action/Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.