Information Systems Security Officer

• Security Policy Implementation: Assist Information System Security Managers (ISSMs) in the development, implementation, and enforcement of security policies, standards, and procedures to ensure the protection of information systems and data.
• Configuration Management: Ensure that all information systems are configured securely according to DoD & organizational policies, industry's best practices, and security baselines.
• Risk Management: Conduct risk assessments to identify potential security threats and vulnerabilities. Develop and implement mitigation strategies to reduce risk and ensure business continuity. Assess the impact of changes in the IT environment and update the risk management framework accordingly.
• Security Compliance: Ensure that information systems comply with relevant government and industry standards, such as NIST, and DoD regulations. Demonstrate familiarity with RMFprocesses for assessments and authorization efforts to prepare and maintain documentation for ATO compliance activities.
• Continuous Monitoring: Implement and manage continuous monitoring processes to maintain compliance with ATO requirements. Utilize Security Information and Event Management (SIEM) tools (e.g., Greylog, ElkStack, Splunk) to monitor system activities, analyze logs, and identify & report suspicious behavior & anomalous findings.
• Security Audits: Conduct regular security audits and assessments to evaluate the effectiveness of security measures and identify areas for improvement. Develop and implement remediation plans to address identified vulnerabilities.
• Collaboration: Work closely with other IT and security professionals, including system administrators, network engineers, and security analysts, to ensure a coordinated approach to cybersecurity. Liaise with external stakeholders & partnering agencies as needed.
• Documentation: Maintain comprehensive documentation of security policies, procedures, system configurations, and security incidents. Prepare reports for management on security status, compliance efforts, and incident response activities.
• Security Enhancements: Research, evaluate, and recommend security enhancements to improve the overall security posture of the organization. Stay updated with the latest security trends, technologies, and threats.

• Minimum of 3 years of experience in a similar ISSO or cybersecurity role.
• Proficiency in using security tools and technologies, such as VLANs, SIEMs, Static Application Security Testing (SAST) tools, network monitoring tools, and endpoint protection platforms (EPP).
• In-depth knowledge of network security, application security, and endpoint security principles.
• Strong understanding of operating systems (Windows, Linux, etc.) and their security configurations.
• Hands-on experience with ElkStack or other similar SIEM applications for security monitoring and log analysis.
• Experience with security compliance and regulatory requirements, including NIST USAF, and DoD regulations.
• Strong analytical and problem-solving abilities, with the capability to analyze complex security issues and develop practical solutions.
• Excellent written and verbal communication skills, with the ability to effectively communicate technical information to both technical and non-technical stakeholders.
• Ability to work independently and collaboratively in small team environments.
• Must possess a Secret clearance.
• Must hold a minimum Cybersecurity certification, such as Security+ or an applicable DoD 8140 certification (e.g., GSEC, CISM, CGRC, CISSP).

• Experience with eMASS.
• Experience with on-premise cloud instantiations.
• Experience with Microsoft Azure or Amazon Web Service configurations.
• Experience supporting Cross Domain Solutions
• High attention to detail.

• Associates degree and 2 additional years of relevant experience
• Bachelors degree(Preferred)

• 
  
  
  
  Interesting Work:
  
  
  
  Our co-workers support some of the most important and critical programs to our national defense and security.
  
  
• 
  
  
  
  Values:
  
  
  
  Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
  
  
• 
  
  
  
  100% Employee Owned:
  
  
  
  We have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.
  
  
• 
  
  
  
  Great Benefits - Most Full-Time Staff Are Eligible for:
  
  
  




• 
  Starting PTO accrual of 20 days PTO/year + 10 holidays/year
  
• 
  Flexible schedules
  
• 
  6% 401k match with immediate vesting up to $9k annually
  
• 
  Semi-annual bonus eligibility (July and December)
  
• 
  Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
  
• 
  Up to $10,000 in annual educational reimbursement
  
• 
  Other company funded benefits, like life and disability insurance
  
• 
  Optional zero deductible Blue Cross/Blue Shield health insurance plan
  




• 
  
  
  
  Track Record of Success:
  
  
  
  We have grown every year since our founding in 1993.
  
  

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit www.mtsi-va.com