Raytheon CODEX boasts nearly 50 talented engineers and support staff in Annapolis Junction, Maryland. Our office offers a casual work environment with fully stocked cafeterias, game rooms, and dynamic research labs. Free-lunch Thursdays allow employees to mingle with co-workers and a flexible schedule provides the freedom to balance work, play, and family time. Additional activities include many historic attractions in downtown Washington D.C., sports venues, nightlife, and multiple performing-arts centers that add to the vibrant and exciting culture of our nation’s capital.
Raytheon CODEX is a technology-focused company with great growth and career opportunities. We are passionate about meaningful work that challenges the mind and encourages collaboration as we work to solve the nation’s toughest challenges. Raytheon CODEX emphasizes career development, technical excellence, and passion for the mission. We provide the tools, training, and the support needed to ensure long-term success. We are a fast-paced, dynamic organization that puts our customers first while remaining casual, fun, and family-oriented.
This job opportunity is for a Sr. Information Assurance Cyber Specialist II that will serve as an Information System Security Officer (ISSO) position at the Raytheon CODEX facility in MD.
The selected candidate will be responsible for day-to-day effective execution of the Cybersecurity program to include (but not limited to):
- The ISSO will apply current technologies to the design, development, evaluation, and integration of computer information systems and networks to maintain system security.
- They will work with internal customers and commercial computer product vendors in the evaluation of state-of-the-art secure COTS applications, operating systems, networks, and database products and technologies.
- They will provide security and integration services to internal customers including IT, Program Managers, ISSEs, ISSMs, and ISSOs.
- They will be involved in a wide range of issues including secure architectures, secure electronic data traffic, network security, information security, and compliance with government regulations.
- The ISSO will develop RMF BOE documentation for manual and automated systems environments.
- They will ensure the protection of company and customer data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification.
- The ISSO is responsible for the execution of the Cybersecurity program as stipulated by various USG requirements documents including (but not limited to): NISPOM, DAAPM, JSIG, ICD 503, and associated NIST documentation.
The ideal candidate will possess strong written and oral communications skills, in-depth technical aptitude, exemplary customer service skills, strong time management skills, the ability to creatively find solutions to complex challenges, and the ability to multi-task and thrive in a fast-paced environment. This position will report directly to the Raytheon CODEX ISSM.
- Maintain operational security posture of assigned systems to ensure information systems security policies, standards, and procedures are established and followed.
- Develop and maintain various portions of RMF BOEs of assigned systems, including but not limited to SSPs, RARs, POAMs, SCTMs, SOPs, test plans, and other associated documents.
- Work with IT personnel to help design, test, configure, and manage an official security baseline that meets NIST requirements for servers, workstations, routers, switches, firewalls, etc.
- Oversee rework related to the resolution of configuration issues for those items that fail to meet established baseline requirements.
- Monitor performance of technical security controls assessments and baseline validations in order to identify vulnerabilities and control deficiencies as part of continuous monitoring program.
- Provide oversight to Cybersecurity sustainment activities including hardware/software change management, account management, auditing, media protection, training, file transfers, etc.).
- Perform self-inspections, audits, baseline validations, and other CONMON activities.
- Perform initial and annual general/privileged user training and associated functions.
- Support various actions related to cyber incident response, investigation, and resolution.
- Manage changes to systems and access the security impact of those changes.
* This position will require the successful completion of a full-scope polygraph examination. Must be able to obtain and maintain and have an active TS/SCI with polygraph Security Clearance with multiple customer bases* This position will require the candidate to obtain and maintain a Cybersecurity Professional certification commensurate with their role (e.g. IAM Level 1, Level 2, etc.)Required Skills:
Must be willing and able to travel as required up to 10% of work schedule.Desired Skills:
- 4+ years of experience in Cybersecurity, information systems security, or security engineering.
- Experience and/or familiarity with Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs), Federal Information Security Management Act (FISMA) and other tools using industry best practices.
- Experience developing System Security Plans (SSPs) and supporting RMF Bodies of Evidence.
- Experience supporting various computer hardware platforms and multiple operating systems in both stand alone and LAN/WAN configurations.
- Working knowledge of operating systems security features and settings (e.g. Windows, UNIX, Linux, and OS X).
- Proven ability to make sound decisions and implement all aspects of information systems security as it applies to NISPOM Chapter 8, DAAPM, JSIG, ICD 503, NIST SPs, and other government doctrine.
- Professional demeanor, good interpersonal skills, and ability to excel in a high-paced multi-tasked environment.
- Demonstrated ability to act independently, prioritize tasks, and manage to schedule.
- Willingness to perform security tasks outside specialty (e.g. program security) and be proficient in Microsoft Applications (Word, Excel, Power Point, Access, Visio, etc.).
- Strong communication skills with the ability to communicate effectively in both oral and written modes, and be able to author and present subject specific presentations.
Required Education (including Major): Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or related field of study; or 6 years of experience in lieu of education.
- Experience with computer forensic tools and investigation methodologies.
- Experience with various information system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS, Nessus, SECSCN, DISA SRR, Retina, etc.
- Working knowledge of Wide-Area and Local Area Networks (WAN/LAN), to include Cisco-based routers, switches, and firewalls.
- DoDD 8570.1M/8140 compliant Professional Certification (e.g. Security +, CISSP, GSEC, etc.).
- Current Top Secret clearance with SCI access and polygraph.
- Prior ISSO/ISSM or alternate ISSO/ISSM experience.
- Self-starter with ability to work independently, customer service orientated.
- In-depth knowledge of NIST special publications, CNSS policies and instructions.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.