Expoint – all jobs in one place
מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
Limitless High-tech career opportunities - Expoint

Jacobs Information System Security Officer 
United States, Virginia 
716513409

29.06.2025
Your impact

Duties/Tasks and Responsibilities:

Perform all ISSO related duties as required by ICD 503, applicable NRO, IC, DoD policies, procedures and operating instructions related to information Technology, Information Assurance, Information Management (IT/IA/IM)

• Manage the day-to-day system security including physical and environmental protection, incident handling, and information system security training and awareness.

• Maintain the system security plan (SSP), and other related documents, following NRO, IC, and DoD applicable policies, procedures, and templates.

• Maintain and update asset record in SNOW

• Perform continuous monitoring (ConMon) and periodic self-inspections of information systems to ensure security compliance

• Review Nessus security scans, communicate vulnerabilities to technical stakeholders, and perform remediation

• Support customer responses to ongoing information system audits and reviews in accordance with established schedules

• Ensure change control requirements are documented and tracked

• Monitor and track status of applicable patches including IA Vulnerability Alerts (IAVA), IA Vulnerability Bulletins (IAVB) and Technical Advisories (IA) for the information system.

• Conduct periodic reviews of Privileged User (PU) accounts (Developer, Admin, etc.)

• Assist in the creation of new policies/procedures as needed

• Perform Configuration and Change Management for the security relevant IS software, hardware, and firmware, Event Management, Vulnerability Management, Security Incident Management, POA&M Management, Reauthorization, and Decommissioning of IT asset environments

• Maintain Approval to Operate (ATO), including the resolution of any Plans of Action & Milestones (POA&M) documents

• Maintain and validate account and vulnerability management

• Control, label, virus scan, and appropriately transfer data (uploading/downloading) between various information systems as required and Portable Electronic Device (PED) registrations and tracking.

• Provide security design guidance and analysis to the project team throughout the RMF process

• Perform reviews of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strategies

• Develop and maintain a Data Loss Prevention process to investigate, track, and mitigate security incidents.

• Responsible for implementing and maintaining security services tools within the Risk Management Framework (RMF).

• Provide briefings on the network security posture and compliance status of assigned system(s) to Security Management

Onsite employees are expected to attend a Jacobs Workplace on a full-time basis, as required by the nature of their role.