Kellogg Brown & Root (www.kbrjobs.com)
Information Systems Security Officer (ISSO)
This position will be a part of a team developing recommended courses of action needed to transition current policies and procedures to the Risk Management Framework (RMF) approved processes. Provide solutions to complex problems that require the regular use of expertise and creativity.
-Identifies key stakeholders in the A&A effort for medical systems and networks and works with them to confirm that the system documentation reflects the current security configuration of the system, in terms of hardware and software components, data flow, interconnections, and ports, protocols, and services
-Identifies potential risks associated with the configuration of the system and appropriate mitigation strategies
-Conducts status meetings and determines next steps in moving the systems toward a successful accreditation effort
-Works with the cybersecurity team to develop and implement the detailed test plan and review findings from self-assessment to determine readiness for independent assessment
-Assist in drafting “Authorization to Operate” (ATO) packages for new and existing systems.
-Provide subject matter expertise in all cyber security initiatives and help in explaining new guidance.
-Draft documentation needed to announce new cyber security initiatives and participate building and implementing processes surrounding cyber security.
-Provide cyber security reports to DHA leadership, conduct scans and participate in the process to obtain ATO status for systems determined by DHA and/or MTF leadership.
-Complies with MTF cyber security program implementation plan, and ensures compliance with DHA management policies.
-Assists the system owners and system SAs in interpreting and applying mitigation strategies
-Ensure compliance with data security policies and relevant legal and regulatory requirements in accordance with DHA directives and applicable Risk management Framework (RMF) requirements.
-Ensure appropriate changes and improvement actions are implemented as required.
-Ensure compliance with protection requirements, control procedures, incident management reporting, remote access requirements, and system management for all systems under scope.
Education: BS degree in Engineering, Physics, Network Security, Information Systems or Computer
Experience: Six (6) years of experience in Engineering, Systems Analysis, Medical Systems,
Information Assurance, Web Development, or Engineering Management to include: Systems Analysis,
Systems Architecture, Systems/Equipment Support, Test and Evaluation, and Logistics support of C4ISR
requirements. Three (3) years of technical experience in support of information assurance/network
protection or virtualization projects. Note: Experience may be concurrent. Advanced degrees substitute
for experience as follows: Ph.D. – five (5) years of experience; MS – two (2) years of experience
Clearance: Must have an active Secret clearance.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Scheduled Weekly Hours:40
KBR is a global provider of differentiated professional services and technologies across the asset and program lifecycle within the Government Solutions and Energy sectors. KBR employs approximately 38,000 people worldwide (including our joint ventures), with customers in more than 80 countries, and operations in 40 countries, across three synergistic global businesses:
Government Solutions , serving government customers globally, including capabilities that cover the full lifecycle of defense, space, aviation and other government programs and missions from research and development, through systems engineering, test and evaluation, program management, to operations, maintenance, and field logistics
Technology Solutions , featuring proprietary technology, equipment, catalysts, digital solutions and related technical services for the monetization of hydrocarbons, including refining, petrochemicals, ammonia and specialty chemicals, as well as inorganics
Energy Solutions , including onshore oil and gas; LNG (liquefaction and regasification)/GTL; oil refining; petrochemicals; chemicals; fertilizers; differentiated EPC; maintenance services (Brown & Root Industrial Services); offshore oil and gas (shallow-water, deep-water, subsea); floating solutions (FPU, FPSO, FLNG & FSRU); program management and consulting services
KBR is proud to work with its customers across the globe to provide technology, value-added services, integrated EPC delivery and long term operations and maintenance services to ensure consistent delivery with predictable results. At KBR, We Deliver .