RavenTek is seeking an innovative and highly driven individual to join our growing MPE Program as an Information System Security Officer
Responsible for ensuring appropriate operational security posture is maintained.
Implement and enforce all Air Force cybersecurity policies, procedures, and countermeasures.
Maintain all authorized user access control documentation IAW applicable AF Records Information Management System (AFRIMS).
Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs)).
Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
Coordinate changes or modifications with the Information System Security Manager (ISSM) and/or the Security Control Assessor (SCA).
Initiate exceptions, deviations, or waivers to cybersecurity requirements.
Assist the ISSM in meeting duties and responsibilities.
Implement and enforce all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation.
Ensure all users have requisite security clearances and access authorization.
Initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities.
Ensure all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals.
Implement the Risk Management Framework (RMF) across multiple programs in accordance with National Institute of Standards and Technology (NIST) and Air Force policy and directives.
Develop artifacts and supporting evidence to satisfy all applicable RMF Controls and corresponding Control Correlation Identifiers (CCI's).
Develop and/or update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks.
Manage system authorization packages and ATO's using Enterprise Mission Assurance Support Service (eMASS).
Required Security Clearance: Top Secret with the ability to obtain SCI eligibility.
5 years direct experience in the last 7 years.
Functional knowledge of DoD and Air Force cyber policies and directives.
Knowledge of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications.
Experience creating DOD RMF packages and associated work products and managing them through the program lifecycle.
Familiar with eMASS and associated workflows.
Familiarity with coalition and multi-national information sharing systems, policies, and environments.
Experience with the Cross Domain Solution (CDS) authorization process.
Required Education and Experience:
Bachelor's Degree in a related discipline (e.g., Computer Science, Computer Information Systems, Math, Engineering).
With at least fifteen years of general experience of which ten years is directly related experience, a degree is not required.
A current DoD 8570 IAM Level II certification (CAP, CASP CE, CISM, CISSP, GSLC) is required.
Employment Type: Full Time / Permanent
Working hours are Monday Friday.
Sitting for extended periods of time
Successful Completion of a Background Screening/Check/Investigation will/may be required as a condition of hire.
ADA: RavenTek will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990.
EEO/AA: RavenTek does not discriminate based on race, color, national origin, sex, religion, age, disability, sexual orientation, gender identity, veteran status, height, weight, or marital status in employment or the provision of services and is an equal access/equal opportunity/affirmative action employer.