Specialist, Information System Security Officer (ISSO)

L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers' mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

L3Harris Technologies is the Trusted Disruptor in the defense industry. With customers' mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.

Job Title : Specialist, Information System Security Officer (ISSO)

Job Code : 22085

Job Schedule : 9 / 80 REG

Job Description :

An experienced Information System Security professional with extensive expertise in cybersecurity and a strong ability to operate effectively under the general supervision of the Information System Security Manager (ISSM). Works collaboratively with Information System Owner(s), systems engineers, program management, and engineering teams to communicate, interpret, and implement cybersecurity processes, practices, and procedures across the organization. Possesses a deep understanding of the complexities of information system security and plays a critical role in aligning cybersecurity initiatives with broader organizational goals.

Proactively recommends and drives enhancements to information systems, security protocols, and related processes to improve overall security posture. Takes full responsibility for the day-to-day security operations of multiple systems, ensuring that each remains compliant with established security standards and frameworks. The candidate is well-versed in information technology, information system security, and the Risk Management Framework (RMF), applying this knowledge to manage and mitigate risks, track system vulnerabilities, and ensure the continuous safeguarding of organizational assets.

Additionally, supports the identification and implementation of best practices for security governance, risk management, and compliance (GRC) within the organization. Assists in the development of security policies, procedures, and documentation, ensuring that all activities adhere to industry standards and regulatory requirements. Demonstrates a proactive approach to security incident response and recovery, fostering a culture of security awareness and continuous improvement across all information systems.

Essential Functions :

• Authoring and maintaining Body of Evidence (BOE) artifacts to support Assessment & Authorization (A&A) of assigned systems in compliance with the Risk Management Framework (RMF) and applicable security standards
• Conducting comprehensive information system audits to assess compliance with security policies and regulations
• Performing detailed security control assessments to verify the effectiveness of security measures and identify gaps
• Overseeing and managing the configuration of information systems, ensuring compliance with security baselines and best practices
• Collaborating with the IT organization to develop and update device and system hardening guides based on NIST guidelines, industry standards, and customer-specific requirements
• Conducting periodic and ad-hoc hardware / software inventory assessments to ensure proper asset tracking and vulnerability management
• Implementing and overseeing continuous monitoring activities to detect and mitigate security threats and vulnerabilities on assigned information systems
• Remediating security control deficiencies through collaboration with cross-functional teams and tracking resolution progress
• Investigating and responding to security incidents, including data spills, malware infections, and other events compromising system integrity and confidentiality
• Assisting the Information Systems Security Manager (ISSM) in meeting their duties, including risk assessments, compliance tracking, and security documentation
• Providing security awareness training and guidance to system administrators and other staff to ensure adherence to security best practices
• Coordinating vulnerability scanning, patching, and updates to ensure systems remain secure and up to date

Qualifications :

• Bachelor's Degree and a minimum of 4 years of prior related experience or 2 years post-Secondary / Associates Degree and a minimum of 8 years of prior related experience. Graduate Degree or equivalent with a minimum of 2 years of prior related experience.
• TS / SCI security clearance (w. CI Polygraph preferred)
• Minimum DoD 8570 Baseline Certification IAM Level I; i.e. Security+ CE or the ability to obtain within 6 months of hire.

Preferred Additional Skills :

• 4+ years of experience as an Information System Security Officer (ISSO), supporting or managing cybersecurity for classified systems, ensuring compliance with regulatory requirements and organizational security standards.
• Proven experience in developing, managing, and providing evidence to close Plan of Actions and Milestones (POA&Ms) related to Assessment & Authorization (A&A) and project management processes, ensuring timely and accurate remediation of security vulnerabilities.
• Collaborative team player with the ability to effectively communicate and contribute to cross-functional teams in a dynamic, fast-paced environment
• Exceptional time management skills with a demonstrated ability to prioritize tasks, manage multiple assignments, and meet deadlines in complex project settings.
• Extensive experience with building, configuring, and maintaining networking equipment, including routers, switches, and firewalls, ensuring proper system functionality and security posture.
• In-depth experience with both Microsoft and Linux-based operating systems, supporting system administration tasks and maintaining security controls across diverse environments.
• Skilled in reviewing and analyzing logs from various sources, including workstations, servers, firewalls, and Intrusion Prevention / Detection Systems (IPS / IDS), to identify security events and anomalies.
• Hands-on experience with DISA Security Technical Implementation Guides (STIGs) and SCAP Compliance Checker, ensuring system configurations meet established security baselines.
• Expert in interpreting vulnerability scanning results from tools such as Nessus, ACAS, and others, assessing risk levels and assisting in remediation efforts to mitigate identified vulnerabilities.
• Self-motivated with a high level of personal initiative to continuously learn and acquire new skills, staying up-to-date with the latest cybersecurity trends, tools, and technologies.
• Experience with ServiceNow CRM, leveraging the platform for incident management, workflow automation, and service desk support.
• Proficient in supporting DAAPM, JSIG, and ICD 503-based authorization and accreditation processes, ensuring compliance with government security requirements for classified systems.

In compliance with pay transparency requirements, the salary range for this role in New York State is $79,000 - $146,500. This is not a guarantee of compensation or salary, as final offer amount may vary based on factors including but not limited to experience and geographic location. L3Harris also offers a variety of benefits, including health and disability insurance, 401(k) match, flexible spending accounts, EAP, education assistance, parental leave, paid time off, and company-paid holidays. The specific programs and options available to an employee may vary depending on date of hire, schedule type, and the applicability of collective bargaining agreements.

LI-FS1

L3Harris Technologies is proud to be an Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.

Please be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.

By submitting your resume for this position, you understand and agree that L3Harris Technologies may share your resume, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions.

L3Harris Technologies is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish . For information regarding your Right To Work, please click here for English or Spanish .

Information System Security Officer Isso • Rochester, NY, United States