Senior Specialist, Information System Security Officer (ISSO)

L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

L3Harris Technologies is the Trusted Disruptor in the defense industry. With customers’ mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.

Job Title: Lead, Information System Security Officer (ISSO)

Job Code:23368

Job Location: Sterling, VA

Job Schedule: 9/80

Job Description:

We are seeking an experienced Information System Security Officer (ISSO) to support the Information System Security Manager (ISSM) in securing government-authorized systems. The ISSO will be responsible for creating and maintaining documentation related to the Assessment & Authorization (A&A) process, ensuring compliance with the Risk Management Framework (RMF), ICD 503, and NISPOM standards. Key duties include conducting security control assessments as part of the Continuous Monitoring Plan, overseeing configuration management, and collaborating on the development and implementation of system hardening guides based on DISA and NIST guidelines. The ISSO will audit systems to maintain security posture, conduct hardware/software inventory assessments, identify deficiencies in security controls, develop Plans of Actions and Milestones (POA&Ms), and manage remediation efforts. Additionally, the role involves conducting annual self-assessments, investigating security incidents such as data spills and malicious events, and providing security education and training to various audiences. Overall, the ISSO will ensure the ongoing operational security of assigned systems, mitigate risks, and contribute to maintaining a secure information environment.

Essential Functions:

• Author and maintain Assessment & Authorization (A&A) documentation of assigned systems.
• Perform security control assessments and execute Continuous Monitoring Plans.
• Work with IT and system administration organizations to develop device and system hardening guides following DISA and NIST guidelines.
• Maintain patching compliance along with hardware and software baselines.
• Responsible for customer interface in the tracking and resolution of POA&Ms.
• Ensure all systems are comprehensively monitored for anomalous activity.
• Manage the incident response process for areas of responsibility.
• Develop new concepts, standards, and training material which make significant and impactful improvements to processes, systems, solutions, or products.
• Lead inventory and asset management discovery and tracking activities.
• Work with site leadership to improve the security posture of systems and the facility.
• Perform vulnerability, compliance, and network mapping scans on information systems and work with system administrators to address vulnerabilities.

Qualifications:

• Bachelor’s Degree and minimum 9 years of prior relevant experience. Graduate Degree and a minimum of 7 years of prior related experience. In lieu of a degree, minimum of 13 years of prior related experience.
• Minimum 8 years of prior relevant experience to include experience with networking equipment; experience interpreting vulnerability scanning results (e.g. Nessus, Rapid7, etc.); experience reviewing workstation, server, firewall, & IPS logs; experience with SIEM tools.
• Active Top Secret//SCI security clearance with CI Polygraph.

Preferred Additional Skills:

• DoD 8570.01-M IAT III certification.
• DoD 8570.01-M IAM II certification.
• Experience as an ISSO managing cybersecurity on classified systems under multiple agencies’ JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53 implementations.
• Experience developing, managing, and providing evidence to close POA&Ms associated with the A&A and project management processes.
• Experience with workstation and server operating systems, including but not limited to Microsoft and Linux offerings.
• Experience conducting scans with tools such as Tenable Nessus, Rapid7 Nexpose, and Nmap within various operating system environments (i.e., Windows and Linux).

• Experience with project management and collaboration applications including Jira and Confluence.

• Be able to work independently with minimal oversight.
• Willingness to submit to a Lifestyle (FS) polygraph.
• Flexibility to adjust to changing requirements, schedules, and priorities.
• Able to socialize ideas, make recommendations, and gain team consensus.
• Excellent time management and task prioritization skills.
• Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammates.
• High level of personal motivation and initiative to learn and acquire new skills.

#LI-FS1

L3Harris Technologies is proud to be an Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.

Please be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.

By submitting your resume for this position, you understand and agree that L3Harris Technologies may share your resume, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions.

L3Harris Technologies is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish.