Information System Security Officer

Ready for What's Next? At Kratos, we encourage an entrepreneurial spirit balanced with discipline. We work hard, and take care of our customers, employees, and families. Recognized as thought leaders in our industry, we are motivated by creating and delivering innovative solutions to our nation and global customers.

Kratos has an exciting opportunity for an Information System Security Officer (ISSO) to support system operations in the execution of information assurance policies and activities. The ISSO serves as the principal advisor to the Lead ISSO and the Information System Security Manager (ISSM) on all matters, technical and otherwise, for the security of the operational system. The ISSO will perform a classified cyber security role supporting multiple sites with working knowledge of the Risk Management Framework (RMF) to maintain an operational security posture to ensure security policies, standards, and procedures are followed. The ISSO will also support vulnerability and risk assessment analyses to maintain the system Authorization To Operate (ATO) and maintain configuration management for information system security software, hardware, and firmware.

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel (~25-30%) may be required to domestic and foreign customer site locations.

• Perform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities.
• Participate in regular security self-inspections and audits.
• Assist with the implementation of security features for systems and applications.
• Identify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle.
• Maintain a standardized set of security product requirements and produce metrics to report performance against those requirements.
• Review and define security diagnostics and tools to facilitate the analysis and reporting of security events.
• Assist other teams with mitigating security risks, responding to product security incidents, and product security related issues.
• Manage system access and revocation requests. Track and verify DoD certification requirements in accordance with DoD 8140 guidance.
• Execute the IS Continuous Monitoring (ConMon) Plan and Strategy activities.
• Prepares audit / event reports for ISSM review, highlighting any / all anomalies.
• Ensures all system security-related vulnerabilities are documented in the Plan Of Action & Milestones (POA&M); Ensure serious / unresolved violations are reported to the ISSM to be forwarded to the Authorizing Official (AO) / Delegated Authorizing Official (DAO).
• Assists System Administrators (SAs) in the approved maintenance procedures as approved by the ATO.
• Coordinates any configuration changes of a system with the Lead ISSO and ISSM prior to the change.
• BS in Information Technology, Computer Science.
• 3+ years of ISSO experience in a TS / SCI environment supporting a government customer or 5+ years as System Administrator / Cyber Support to classified systems.
• A current Security+ CE, CASP+, or equivalent cybersecurity certification to meet DoD Manual 8140.03 IAT II requirements
• Knowledge of current RMF requirements, supporting National Institute of Standards and Technology (NIST) standards, and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) selection and implementation.
• Intermediate knowledge / experience working with STIGViewer, and Tenable Assured Compliance Assessment Solution (ACAS).

To include configurations of policies for ACAS.

• Experience conducting vulnerability scans, STIG compliance scans / checklists, and results analysis.
• Experience conducting auditing, ConMon activities, and results reporting.
• Self-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment.
• Able to clearly communicate technical concepts orally and in written forms to internal and external audiences.
• Capable of working in a fast-paced team environment.
• Excellent organizational and communication skills and able to effectively interact with managers and technical staff.
• Active Top Secret Security Clearance with SCI Eligibility; Must be willing and able to be SAP briefed.

Desired Skills and Experience

• Familiarity with computer network operating systems to include Microsoft Windows, Red Hat Enterprise Linux (RHEL), and Linux-based operating systems.
• Knowledge / experience with McAfee / Trellix ePolicy Orchestrator (ePO), Splunk,

To include configurations of policies for ePO; and

• Dashboard configurations within Splunk
• Knowledge of network infrastructure and related protocols to include Cisco firewalls, routers, and switches.
• Experience supporting Account Management.
• Experience working with XACTA.
• Experience working with Microsoft WSUS Servers, RHEL YUM Servers, PowerShell Scripting, SteelCloud ConfigOS, Confluence / JIRA, and / or VMware ESXi.

LI-Onsite

The grade-based pay range for this job is listed below. Individual salaries within that range are determined through a wide variety of factors including but not limited to education, experience, knowledge, and skills.

Competitive salary based on experience and education

Salary Range : $81,000 - $126,000

Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offerings-from commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long-haul. We bring both the capability and confidence that our customers value and depend on. And, we always deliver.

This posting will close within 90 days from the Posting Date.