Job Description
Title: Information System Security Officer (ISSO)
Belong. Connect. Grow. with KBR!
KBR?s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country?s most critical role ? protecting our national security.
KBR is seeking an Information System Security Officer (ISSO) to join our team in Albuquerque, NM. This is an excellent opportunity to join a small, hand selected systems security engineering team defining the next generation of space communication systems supporting US Space Force and Space Systems Command (SSC) Spectrum Warfare Systems Delta (SZW).
You will support Systems Engineering & Integration (SE&I) activities in a multidisciplinary and collaborative environment. You will work onsite, co-located and closely integrated with the Government Customer.
Why Join Us?
Innovative Projects: KBR?s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.
Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace.
Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.
Key Responsibilities:
Maintain detailed knowledge and expertise required to manage the security aspects of our information system
Maintain responsibility for the day-to-day security operations of our system
Participate in Information Technology (IT) architecture design reviews to assess and ensure compliance with cybersecurity requirements
Work with Information Systems Security Engineers (ISSEs) and the Information Systems Security Manager (ISSM) to ensure cybersecurity principles are embedded in systems engineering efforts for ground and space systems
Integrate the Risk Management Framework (RMF) throughout the system acquisition lifecycle
Develop, coordinate, and implement cybersecurity strategies as a sub-component of the Program Protection Plan
Create, review, and assess RMF related artifacts for acceptable implementation of cybersecurity principles
Evaluate and apply government cybersecurity (DoD, NIST, FIPS, and CNSS) policies and instructions and provide timely and effective recommendations on system implementation to maintain or achieve compliance
Conduct program and technical risk assessments to determine necessary cybersecurity protection measures, and effectively advocate for resources as required
Consult with customer and work with developers to provide solutions to challenging cybersecurity architectures, and clearly articulate those solutions to leadership
Interface with other government organizations during security evaluation of engineering design solutions
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package
Integrate cybersecurity assessments into developmental and operational testing and evaluation plans
Evaluate the continued effectiveness of implemented protection measures within the authorization boundary
Assist the Information Systems Security Manager (ISSM) in meeting his/her duties and responsibilities. Assume ISSM responsibilities in the absence of the ISSM
Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change
Formally notify the ISSM and Authorizing Official (AO) when changes occur that might affect system
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
Ensure audit records are collected, reviewed, and documented (to include any anomalies).
Work Environment:
Location: On-site
Travel Requirements: Minimal
Working Hours: Standard
Required Qualifications:
+ Bachelor's degree in Cybersecurity, Engineering, or a related scientific or technical discipline (3 years work experience in cybersecurity may be considered in lieu of Bachelor's degree)
4+ years of work experience in Information Assurance/Cybersecurity
Experience as an Information Systems Security Officer (ISSO) for a complex system
Computing Technology Industry Association Security + Certification
Ability to translate cybersecurity related policies and guidance into system requirements
Experience with cybersecurity assessment and authorization processes such as the Risk Management Framework
Understanding of common vulnerabilities and associated risk mitigation strategies
Experience with cybersecurity policy and processes, architectures, testing and evaluation procedures
Effective interpersonal and team-building skills, to engage at both the engineer and management levels to build confidence and collaboration between team members
Strong written and verbal communications skills
Understanding of risk management principles and their application within an information system
DoD 8570.01-M IAT Level III approved cybersecurity baseline certification
The ability to work in a secure, confined location (i.e., SCIF)
Must have an active TS/SCI clearance to be considered for this position
Preferred Qualifications:
5+ years of work experience in Information Assurance/Cybersecurity
Master?s degree in Cybersecurity, Engineering, or a related scientific or technical discipline
Certified Information Systems Security Professional (CISSP) Certification or equivalent
+ Understanding and experience in the acquisition life cycle for information systems
Experience in security control evaluation, testing, and assessment in complex system environments
Familiarity with security tools for implementing and assessing security compliance (e.g. SCAP, STIGS, ACAS)
Experience deploying and maintaining a Security Information and Event Management system for a multiple operating system enterprise
Scheduled Weekly Hours: 40
Basic Compensation: $120,000 - $150,000
The offered rate will be based on the selected candidate?s knowledge, skills, abilities and/or experience and in consideration of internal parity.
Additional Compensation:
KBR may offer bonuses, commissions, or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus, relocation benefits, short term incentives, long term incentives, or discretionary payments for exceptional performance.
Belong, Connect and Grow at KBRAt KBR, we are passionate about our people and our Zero Harm culture.
These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company.
That commitment is central to our team of team?s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver ? Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Belong. Connect. Grow. with KBR!
KBR?s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country?s most critical role ? protecting our national security.
KBR is seeking an Information System Security Officer (ISSO) to join our team in Albuquerque, NM. This is an excellent opportunity to join a small, hand selected systems security engineering team defining the next generation of space communication systems supporting US Space Force and Space Systems Command (SSC) Spectrum Warfare Systems Delta (SZW).
You will support Systems Engineering & Integration (SE&I) activities in a multidisciplinary and collaborative environment. You will work onsite, co-located and closely integrated with the Government Customer.
Why Join Us?
Innovative Projects: KBR?s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.
Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace.
Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.
Key Responsibilities:
Maintain detailed knowledge and expertise required to manage the security aspects of our information system
Maintain responsibility for the day-to-day security operations of our system
Participate in Information Technology (IT) architecture design reviews to assess and ensure compliance with cybersecurity requirements
Work with Information Systems Security Engineers (ISSEs) and the Information Systems Security Manager (ISSM) to ensure cybersecurity principles are embedded in systems engineering efforts for ground and space systems
Integrate the Risk Management Framework (RMF) throughout the system acquisition lifecycle
Develop, coordinate, and implement cybersecurity strategies as a sub-component of the Program Protection Plan
Create, review, and assess RMF related artifacts for acceptable implementation of cybersecurity principles
Evaluate and apply government cybersecurity (DoD, NIST, FIPS, and CNSS) policies and instructions and provide timely and effective recommendations on system implementation to maintain or achieve compliance
Conduct program and technical risk assessments to determine necessary cybersecurity protection measures, and effectively advocate for resources as required
Consult with customer and work with developers to provide solutions to challenging cybersecurity architectures, and clearly articulate those solutions to leadership
Interface with other government organizations during security evaluation of engineering design solutions
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package
Integrate cybersecurity assessments into developmental and operational testing and evaluation plans
Evaluate the continued effectiveness of implemented protection measures within the authorization boundary
Assist the Information Systems Security Manager (ISSM) in meeting his/her duties and responsibilities. Assume ISSM responsibilities in the absence of the ISSM
Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change
Formally notify the ISSM and Authorizing Official (AO) when changes occur that might affect system
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
Ensure audit records are collected, reviewed, and documented (to include any anomalies).
Work Environment:
Location: On-site
Travel Requirements: Minimal
Working Hours: Standard
Required Qualifications:
+ Bachelor's degree in Cybersecurity, Engineering, or a related scientific or technical discipline (3 years work experience in cybersecurity may be considered in lieu of Bachelor's degree)
4+ years of work experience in Information Assurance/Cybersecurity
Experience as an Information Systems Security Officer (ISSO) for a complex system
Computing Technology Industry Association Security + Certification
Ability to translate cybersecurity related policies and guidance into system requirements
Experience with cybersecurity assessment and authorization processes such as the Risk Management Framework
Understanding of common vulnerabilities and associated risk mitigation strategies
Experience with cybersecurity policy and processes, architectures, testing and evaluation procedures
Effective interpersonal and team-building skills, to engage at both the engineer and management levels to build confidence and collaboration between team members
Strong written and verbal communications skills
Understanding of risk management principles and their application within an information system
DoD 8570.01-M IAT Level III approved cybersecurity baseline certification
The ability to work in a secure, confined location (i.e., SCIF)
Must have an active TS/SCI clearance to be considered for this position
Preferred Qualifications:
5+ years of work experience in Information Assurance/Cybersecurity
Master?s degree in Cybersecurity, Engineering, or a related scientific or technical discipline
Certified Information Systems Security Professional (CISSP) Certification or equivalent
+ Understanding and experience in the acquisition life cycle for information systems
Experience in security control evaluation, testing, and assessment in complex system environments
Familiarity with security tools for implementing and assessing security compliance (e.g. SCAP, STIGS, ACAS)
Experience deploying and maintaining a Security Information and Event Management system for a multiple operating system enterprise
Scheduled Weekly Hours: 40
Basic Compensation: $120,000 - $150,000
The offered rate will be based on the selected candidate?s knowledge, skills, abilities and/or experience and in consideration of internal parity.
Additional Compensation:
KBR may offer bonuses, commissions, or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus, relocation benefits, short term incentives, long term incentives, or discretionary payments for exceptional performance.
Belong, Connect and Grow at KBRAt KBR, we are passionate about our people and our Zero Harm culture.
These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company.
That commitment is central to our team of team?s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver ? Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Key skill Required
- Architecture
- Cybersecurity
- Logistics
- Articulate
- Assurance
- Audit
- Authorization
- Clearance
- Collaboration
- Collaborative Environment
- Commitment
- Communication
- Compliance
- Computing
- Design
- Discipline
- Effectiveness
- Event Management
- Firmware
- Guidance
- Implementation
- Information Assurance
- Information System
- Innovation
- Integration
- Intelligence
- Leadership
- Management
- Multidisciplinary
- National Security
- Operating System
- Orientation
- Passionate
- Philosophy
- Policies and Procedures
- Program Management
- Protection Plan
- Risk Management
- Risk Management Framework
- Risk Mitigation
- Science
- Security
- Security Compliance
- Security Control
- Security Engineering
- Security Information and Event Management
- Security Operations
- Security Solutions
- Supportive
- System Implementation
- System Recovery
- System Requirements
