Title:
Information Systems Security Officer
Program Summary:
KBR’s Mission Engineering Division delivers complex technical solutions and expert support to the U.S. Department of War, specializing in modeling and simulation, cyber transformation, air vehicle mission integration, and lifecycle support. As a trusted partner with a proven history in mission technology, KBR collaborates closely with clients to develop innovative and effective solutions. With a strong ethical framework, KBR prioritizes data security, privacy, and responsible information management to ensure mission success.
Job Summary:
KBR is seeking a Information Systems Security Officer (ISSO) for Government information systems in support of a Program Management Activity (PMA).
The job does not offer remote work; all work will be done onsite. Travel for the position will be <20% per year.
Roles and Responsibilities:
- Perform extensive assessments of systems and networks within a networking environment or enclave to identify deviations from acceptable configurations, enclave policy, or local policy
- Conduct both passive evaluations (compliance audits) and active evaluations (vulnerability assessments)
- Establish and maintain strict program control processes to mitigate risk and support system certification and accreditation
- Provide support across multiple areas, including:
- Process support and analysis support
- Coordination support
- Security certification test support
- Security documentation support
- Investigations and software research
- Introduction and release of new software
- Emerging technology research, inspections, and periodic audits
- Assist in implementing required government security policies (e.g., RMF, NISPOM, JSIG) and recommend appropriate process tailoring
- Perform in-depth analyses to validate existing security requirements and recommend additional security controls and safeguards
- Support formal Security Test and Evaluation (ST&E) activities by:
- Conducting pre-test preparations
- Participating in security tests
- Analyzing test results
- Preparing required reports
- Periodically review system audits and monitor corrective actions until all findings are fully resolved
Basic Qualifications:
- Bachelor’s degree in Computer and Architecture Information Systems Management or a related field from an accredited college or university, or equivalent experience, is required
- Five (5) to twelve (12) or more years of combined experience performing related duties
- An Associate’s degree plus an additional nine (9) to sixteen (16) years of relevant experience may be substituted for a Bachelor’s degree
- A high school diploma plus an additional thirteen (13) to twenty (20) years of relevant experience may be substituted for a Bachelor’s degree
- A minimum of two (2) years of experience with mid-sized client/server systems in systems analysis, software design, software development, and system administration
- Experience with DoD M 5205.07 Series, Risk Management Framework (RMF), and Joint SAP Implementation Guide (JSIG) requirements
- Knowledge of quality assurance, quality control, and independent verification and validation (IV&V) techniques
- Experience working independently and as part of a team to research data and develop analytical techniques and methodologies
- Experience managing secure Information Systems (IS) and databases, including implementing and maintaining cross-domain solutions
- Current Information Assurance Manager (IAM) Level I certification in accordance with DoD 8570.01-M, or the ability to obtain IAM Level I certification within six (6) months
- Ability to successfully undergo a government security investigation and meet eligibility requirements for access to classified information; active Secret clearance required
Preferred Qualifications:·
- Implement the Risk Management Framework (RMF) in accordance with NIST SP 800 and the Joint Special Access Program Implementation Guide (JSIG)
- Participate in the development and maintenance of System Security Plans (SSPs) and Contingency Plans for all assigned systems
- Draft, maintain, and manage security artifacts, including System Security Checklists, Privacy Impact Assessments (PIAs), Plans of Action and Milestones (POA&Ms), and Authority to Operate (ATO) documentation
- Develop and manage POA&Ms for identified vulnerabilities and ensure compliance through monthly and quarterly updates
- Maintain an inventory of all assigned Information Security Systems
- Develop Assessment and Authorization (A&A) deliverables, including SSPs, Security Assessment Reports (SARs), Contingency Plans (CPs), and POA&Ms for review and approval by the Authorizing Official
- Monitor and conduct Security Control Assessments to ensure controls meet security requirements outlined in the SSP, NIST SP 800-53, and JSIG
- Effectively communicate technical security information to non-technical personnel
- Coordinate with organizational leadership to ensure timely compliance with security and regulatory requirements
- Develop waivers and exceptions for identified information system vulnerabilities
Compensation: $136,180.00 - $204,270.00.
The salary range posted is for California locations. The offered rate will be based on the selected candidate’s location, knowledge, skills, abilities, and/or experience, contract affordability, and in consideration of internal parity.
Benefits:
KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team’s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.