Your Impact: Are you searching for a professional environment that encourages personal and educational development and dedication to the mission?
Join a team of security experts who are dedicated to protecting and securing our customers' systems at both the enterprise and program level. Our specialists work closely with others in the RMF process to ensure the highest level of security for every system.
Amentum is seeking an Information Systems Security Officer (ISSO) Senior for a prime contract that is based out of our Columbia, MD office. As the ISSO Sr., you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be expected to maintain Authority to Operate compliance for all assigned systems.
The work environment is fast-paced and sometimes involves deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Our program includes easily available process information and support from others with similar positions across the team.
Responsibilities: - Provides support for a program, organization, system, or enclave's information assurance program.
- Provides assistance for proposing, implementing, and enforcing information systems security policies, standards, and methodologies.
- Provides daily oversight and direction to ISSOs.
- Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves.
- Provide guidance and technical expertise on all matters that impact or effect the security of the information system.
- Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
- Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package.
- Conduct configuration management for security-relevant changes to software, hardware, and firmware.
- Perform and deliver security impact analyses of changes to the system or its environment of operation.
- Assess the effectiveness of system security controls on an ongoing basis to determine system security status.
- Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments.
- Provides configuration management for security-relevant information system software, hardware, and firmware.