Information System Security Officer

Information System Security OfficerLawelawe is a Native Hawaiian Owned Small Disadvantaged Business (NHO SDB) that specializes in providing a range of services to federal government clients, including program management, digital solutions, human capital and training. Lawelawe leverages our NHO status to secure federal contracts that not only drive business success but also support our overall mission to uplift economically disadvantaged Native Hawaiian families and preserve the Native Hawaiian heritage.An experienced Information System Security Officer (ISSO) with a laser focus on protecting sensitive systems and ensuring regulatory compliance in high-stakes environments. You thrive on solving complex security challenges, translating policies into actionable security procedures. You are agile and strategic while managing daily security operations, responding to incidents under pressure, and contributing to long-term cybersecurity planning.You'll serve as a key security authority and trusted advisor, helping secure sensitive systems and fortify the network from evolving threats. Shaping and enforcing Information Assurance policies, supporting ATO processes from start to finish, ensuing the operation of vulnerability management programs.ResponsibilitiesParticipate in various aspects in developing and writing certification and accreditation (C&A) documentation packages included in the process of helping an organization/agency obtain an Authority to Operate (ATO) on its systems and/or environment.Follow National Institute of Standards and Technology (NIST) and/or Department of Defense IA Certification and Accreditation Process standards in performance of job functions.Manage or take part in the MTF Information Assurance Vulnerability Management (IAVM) program, which requires disseminating, coordinating, validating, reviewing, guiding, data entry, training, and monitoring compliance data provided or available to/from DoD and MHS.Use DoD and MHS approved vulnerability assessment and mitigation tools to identify vulnerabilities, apply mitigation, and to identify potential areas of weaknesses in the IA programs.Identify security problems and requirements through studies, analysis, and research.Responsible for disseminating information, policies, procedures, and/or guidance to superior and subordinate units and for the management of tasks and requirements for MTF.Respond to reported security breaches, violations of rules, regulations, policies, procedures, and codes of conduct and take appropriate action to minimize harm, investigate, evaluate, track, and report incidents.Manage the security of the information system that is slated for Certification & Accreditation (C&A).Support the information system owner/information owner for the completion of security-related responsibilities.Advise system changes and impact.Provide view on the continuous monitoring of the information system.Assess security events to determine impact, develop and execute corrective action plans, and make recommendations to management for corrective long-term preventive solutions to avoid recurrence.Monitor and audits installed software and hardware tools for signs of suspicious activity leading to potential security events.Responsible for the implementation, maintenance, and proliferation of new technologies meant to enhance the overall network security posture.Develop and implements technical programs to ensure that users adhere to systems security policies and procedures.Ensure access to computer applications, operating systems, and other stored programs and data is limited to those personnel authorized for such access.Review and design systems software routines to facilitate security processes.Works with other Information Technology (IT) Specialists and participates in operational teams.Assign work to team members, tracks work completion, and assesses effectiveness and efficiency of work performed.Assist with customer ticketing system assignments and meets SLA.Elevate difficult assignments to senior IA managers as needed.May be required to respond to support nights or weekends to fulfill department related duties or be required to be placed on an on-call schedule for duties as directed/needed by command, directorate, or department.The TeamLawelawe Defense Inc ("LDI") is an SBA Certified 8(a) Native Hawaiian Owned (NHO) SDB. Lawelawe Defense offers an outstanding record of delivery on various projects encompassing: Program and Portfolio Management; Systems Engineering and Architecture; Network Engineering and Operations; Data Center Optimization and Operations; Desktop/Server and Application Virtualization.Here's What You NeedMinimum of 6+ years of experience demonstrating the required proficiency as an Information Security OfficerBachelor's degree and/or equivalencyActive Secret Security Clearance requiredMust possess at least one of the following IAT III Certifications (CISM, CISSO, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GCSA, GICSP, GSEC, GSLC)Must be a U.S. CitizenExcellent verbal and written communications skillsKnowledge of databases, spreadsheets and report writingAbility to adapt to a consistently changing environment.Experience with various tools such as: SPLUNK, PowerShell, ACAS, NESSUS, Siphon, and other tools used within the DoD and MHS environment.Knowledge of APL list, eMASS, CSTARS, and other DoD sites for cybersecurity system management.Strong knowledge of technical domain data requirements, system architecture, sensor/data sources.Experience with applying STIGSStrong knowledge of DoD and applicable service or agency security policies, manuals, and standards.Knowledge of processes in controlling, labeling, virus scanning, auditing tools, and secure data transfer between information systems.Bonus Points IfYou have prior experience supporting a DoD environment.The above job description is intended to describe the general nature and level of work being performed by individuals assigned to this position. It is not intended to be an exhaustive list of all responsibilities, duties, and skills required. Candidates possessing the necessary qualifications for the position will be considered.Lawelawe Defense Inc is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status, and will not be discriminated against on the basis of disability.Offers of employment are contingent upon satisfactory completion of a comprehensive background verification, inclusive of a criminal record check. Employment may be subject to other background checks, as required by the position.