Title:
Information System Security Officer
KBR is seeking an Information System Security Officer that will function as the focal point of the Continuous Monitoring (ConMon) Program, which evaluates technology, processes, procedures, operating environment, and people. ConMon maintains ongoing awareness of information security, vulnerabilities and threats to support organizational risk management decisions.
Execute the ConMon Program, using DOD (DAAPM), NIST, FISMA, and other government standards, policies and regulations (e.g., NIST 800-137, NIST 800-53, 800-37 and 800-39).
Assist in the development and tracking of ConMon metrics such as the number and severity of vulnerabilities discovered and remediated, number of unauthorized access attempts, configuration baseline information, and contingency plan testing dates and results.
Assist with validating the ConMon information collection and reporting process.
Develop weekly, monthly, and more frequent (as required) ConMon Reports and capture metrics as security control assessments are conducted. Detail findings, provide status, recommended mitigations, metrics, and evidence.
Recognizing critical security incidents and escalating as needed
Developing plans and procedures for continuous monitoring and detection operations.
Monitor and assess selected security controls in the information system on an ongoing basis including assessing security control effectiveness, documenting changes to the system or environment of operation, conducting security impact analyses of the associated changes, and reporting the security state of the system to appropriate officials.
Requirements:
Excellent data analysis skills and ability to identify patterns and trends.
Deep understanding and knowledge of networking, including TCP/IP, DNS, HTTP, SMTP
Experience working in Risk Management Framework (RMF)
Ability to work individually and as part of a team
Ability to think creatively and come up with innovative solutions
Secret or higher security clearance
Excellent written and verbal communication skills. Should be comfortable with public speaking and presenting findings to others, including leadership
IAT Level II (Security+ CE, etc.)
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
