Information System Security Officer

Ready for Whatis Next? Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises. iWe proactively build trusted relationships with our peers, partners and customers, and take ownership for our actionsialways striving to do the right thing.

Kratos is looking foriInformation System Security Officers to support system and infrastructure engineers, cloud engineers, and developers in the execution of information assurance policies and activities. This is accomplished in compliance with CMMC and Risk Management Framework policies and procedures such as System Security Plans, Risk Assessment Reports, Plans of Actions and Milestones, Assessment & Authorization packages, and Security Control Traceability Matrices. The ISSO will maintain an operational security posture to ensure security policies, standards, and procedures are followed. The ISSO will also support vulnerability and risk assessment analyses to gain and maintain Assessment & Authorization and maintain configuration management for information system security software, hardware, and firmware.

This position is based on multiple DoD Directives; including DoD 5205.07 volumes 1-4; DoDD 5205.02E; DoDI 5025.01, 5205.11, 5200.39, 5220.22, DoDM 3305.13; DoD 8140 series; Intelligence Community Directive Series 500/600/700; NIST 800 series special publications; Executive Orders 13556 and 13636, the Joint Special Access Program Implementation Guide Rev 4, and DISA Security Technical Implementation Guides.

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel (~10%) to customer sites and other program locations may be required.

• Perform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities.
• Participate in regular security self-inspections and audits.
• Assist with the selection and implementation of security features for systems and applications.
• Identify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle.
• Perform security assessments on new and proposed products and technologies to ensure secure integration into the approved baseline.
• Provide product security engineering support and recommendations used to resolve integration and testing issues.
• Maintain a standardized set of security product requirements and produces metrics to report performance against those requirements.
• Review and define security diagnostics and tools to facilitate the analysis and reporting of security events.
• Assist other teams with mitigating security risks, responding to product security incidents, and product security related issues.
• Participate in security architecture and design review meetings.
• Manage system access and revocation requests. Track and verify DoD certification requirements in accordance with DoD 8140 guidance.

• 2-4 years cybersecurity experience.
• A solid knowledge of the DISA Risk Management Framework.
• CompTIA Security+ CE, CASP+, or equivalent cybersecurity certification.
• Experience with security controls, RMF, and STIGs.
• Familiarity with modern IT infrastructure capabilities to include virtualization, cloud deployment, and containerization.
• Self-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment.
• Able to clearly communicate technical concepts orally and in written forms to internal and external audiences.
• Capable of working in a fast-paced team environment.
• Excellent organizational and communication skills and able to effectively interact with managers and technical staff.
• Secret clearance with the ability to obtain TS/SCI.

Desired Skills and Experience

• 2 years as an ISSO or equivalent duties.
• Familiarity with ACAS or similar security tools.
• Familiarity with eMASS, XACTA, or similar government systems of record.
• Familiarity with zero trust framework.
• Experience with satellite ground systems.
• Experience with Linux.
• Experience with AWS.
• Experience with security tools such as Splunk and ACAS.

#LI-Onsite

Competitive salary based on experience and education
Salary Range: $105,000-$125,000

Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offeringsifrom commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long-haul. We bring both the capability and confidence that our customers value and depend on. And, we always deliver.