Information System Security Officer

VETERAN'S PREFERENCE Company Overview: By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide. Cole Engineering Services (CESI), a By Light company, is recognized as a premier provider of modeling and simulation (MandS) training solutions to the Federal Government and industry. Since 2004, CESI has been at the forefront of developing, maintaining, and integrating simulation-based training, serious gaming, technical services, training and other support in live, virtual, constructive, and gaming (LVCG) domains. CESI also designs, builds and runs infrastructure, platforms, applications and processes that enable cyber training for the integrated multi-domain force. Our vision is to become a worldwide full spectrum LVCG and cyber training/analysis developer, integrator and services provider. **Position Overview:**Cole Engineering (CESI) is looking for a technically proficient Information Systems Security Officer (ISSO) who will perform critical engineering tasks to develop and maintain the cybersecurity posture, as well as Authority to Operate (ATO), of Department of Defense (DoD) information systems. Candidates will work individually and within a team to develop customized technical solutions to unique problems. Candidates will work on various architectures, classifications, and technologies so a desire to perform research to identify creative and unique solutions is highly preferred. **Required Experience/Qualifications:** - Develop creative technical and procedural solutions to effectively secure information systems without introducing significant operational overhead. - Develop Risk Management Framework (RMF) documentation to include but not limited to: System Security Plan (SSP), Hardware/Software List, Acceptable Use Policy (AUP), Accreditation Diagrams, Incident Response, Disaster Recovery and Contingency Plans. - Perform technical analysis of security functions to comply with NIST SP 800-53A controls and ensure the protection of computer systems, networks, and information. - Validate security components are operating efficiently through inspection of technical artifacts (ACAS Scans, and STIG Checklists) - Develop justification and mitigating countermeasures to reduce or eliminate risk level of an identified vulnerability through developing a Plan of Action and Milestone (POAandM) - Minimum 5 years of experience working as a Cyber Security Engineer or Analyst or 2 years of experience in an ISSO role. - Demonstrated ability to act independently, prioritize tasks, and effectively manage development timelines. - Formal technical documentation skills. - This position requires certifications necessary to meet IAT II in accordance with DoD 8570-01-M. - One or more of the following certifications are required within 90 days of hire date. - GSEC; Security+ - SSCP - CCNA Security - CEH **Preferred Experience:** - Technical experience implementing and maintaining enterprise management tools - Technical experience with virtualization solutions (VMware, Hyper-V, RedHat Virtualization) - A strong understanding of the RMF process within eMass. - Experience working with STIG checklists and utilizing tools such as eMASSter - Experience with scanning tools such as ACAS - A bachelors degree and at least five years of professional experience in a cybersecurity role - An active intermediate Professional Security related certification (CISSP, CASP, CySA) - An active SECRET Security Clearance **Special Requirements/Security Clearance:**<