AECOM Laboratory Support System & Operation Info System Security Officer in Kennedy Space Center, Florida

Business Line Government

Position Title Laboratory Support System & Operation Info System Security Officer

United States of America - Florida

Kennedy Space Center

Job Summary

AECOM has been awarded the Laboratory Support Services & Operations (LASSO) Contract at Kennedy Space Center, and we are seeking candidates to fill the positions.

Purpose and Scope:

Performs ISSO duties under the guidance of the Information System Security Manager (ISSM) or a senior ISSO on assigned government-authorized systems. Tasks and focused responsibilities include Information System security requirements and risk assessments, vulnerability scans, security tests and regulations, monitoring event logs, and maintaining network health and security.

Essential Responsibilities:

  • Reports directly to the Government Security Agency Information Security Officer (SAISO) on all matters of system security for ongoing authorizations of systems.

  • Develops and implements the information security program, which comprises the FISMA assessment and authorization (A&A) process in accordance with the Risk Management Framework (RMF) and the continuous monitoring process.

  • Develops and ensures compliance with security policy and processes based on FISMA and government agency requirements.

  • Reviews and approves Risk Assessment Reports (RAR) and System Security Plan (SSP) packages prior to submission to the government for assessment & authorization (A&A) to ensure compliance with all systems security requirements.

  • Develops and manages the security education, training & awareness program, vulnerability assessment team (VAT), and incident response team (IRT).

  • Responsible for the coordination efforts and security deliverables for 3rd party external audits.

  • Manages, trains and coordinates day-to-day activities of Information Assurance personnel to ensure work completion dates are achieved and are in accordance with government deadlines.

  • Serves as the principal advisor to the information system owner on all matters (technical and otherwise) involving the security of the information system. An ISSO can provide oversight of multiple systems.

  • Assists in the development of security policy and processes.

  • Provides security education training to a range of audience levels.

  • Communicates closely with customers to ensure requirements are effectively communicated, coordinated and scheduled for implementation.

  • Develops and maintains documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF) throughout the Systems Development Life Cycle (SDLC) process.

  • Performs, documents and reports security control assessments as part of the continuous monitoring process.

  • Investigates security incidents and recommends corrective actions.

  • Ensures compliance with government and company security policies.

  • Performs other position related duties and responsibilities as directed.

Other Responsibilities:

Safety - AECOM enforces a safety culture whereby all employees have the responsibility for continuously developing and maintaining a safe work environment. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.

Quality - Quality is the foundation for the management of our business and the keystone to our goal of customer satisfaction. It is our policy to consistently provide services that meet customer expectations. Accordingly, each employee must conform to the AECOM Quality Policy and carry out job activities in compliance with applicable AECOM Quality System documents and customer contracts. Each employee must read and understand his/her Quality Management and Customer Satisfaction responsibilities.

Procedure Compliance - Each employee must read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to their job.

Minimum Requirements

AS Degree in Computer Science/Information Assurance or equivalent experience required. Two years directly related experience in computer science or cyber security related field. Certifications such as CISSP, CAP, CISA, Security+ are a plus. Thorough understanding and knowledge of computers and their peripherals and operating systems under NIST 800-53 and/or JSIG, NISPOM Ch8. Must possess a strong working knowledge of computer systems and system software. May be required to obtain and maintain appropriate security clearance.

Preferred Qualifications

Bachelor’s degree in Computer Science/Information Assurance or equivalent. Experience with FISMA/RMF/NIST SP 800-53; Certified Information Systems Security Professional (CISSP); familiarity with Industrial Control Systems (ICS), SCADA systems and laboratory instrumentation systems.

What We Offer

AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow.

AECOM is an equal opportunity employer and Minorities, Females, Veterans, and Disabled persons are encouraged to apply. For further information, see the EEO Is The Law poster at http://www.aecom.com/content/wp-content/uploads/2016/01/EEO-is-the-Law-poster-supplement.pdf.

NOTICE TO THIRD PARTY AGENCIES:

Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.

Job Category Information Technology

Country United States of America

Position Status Full-Time

Requisition/Vacancy No. 166947BR