106 Information Security jobs in Security

Cybersecurity Penetration Tester

LOCATION: Peterson SFB, CO

JOB STATUS: FT

CLEARANCE: Ability to Obtain and Maintain Top Secret

CERTIFICATION: DOD 8140 IAT Level 3 Certification

TRAVEL: 25%

Astrion has an exciting opportunity for a Mid-Level Cybersecurity Penetration Tester for the TMAS 2 96 CTG Task Order , supporting the 48 CTS / TGEC.

Our cybersecurity test team is searching for new members to support the 48th Cyber Space Test Squadron (48 CTS) at Peterson Space Force Base, Colorado. The 48th CTS provides a range of cybersecurity support to both the United States Air and Space Forces. Applicants should be able to help conduct penetration testing and conduct security analysis on systems and/or software to understand and identify vulnerabilities. If you enjoy working in a fast-paced multi-disciplinary environment, learning new technology areas, this is the place for you. We provide several opportunities to learn ranging from on-the-job training with other team members to formal courses for unique technology areas.

We realize that no one will have all these qualifications. We are looking for people that can bring a strong foundation in one of the listed areas and are motivated to learn the others. Position responsibilities can span from compliance testing to penetration testing, depending on the skillset.

This position provides support to the 48th Cyberspace Test Squadron at Peterson and Schriever Space Force Bases (SFB) Colorado and does include travel to meet 48th CTS mission requirements. Travel can be up to 25% of the time and mostly includes travel within the United States but may include travel overseas.

REQUIRED QUALIFICATIONS / SKILLS

• Technical Bachelor's Degree and at least 3-10 years of applicable experience, or additional years experience to outweigh the educational requirement.
• Must be able to obtain/maintain a Top Secret clearance. U.S. Citizenship.
• Must have or be able to obtain DOD 8140 IAT Level 3 certification (CASP, CISSP, ISSEP, etc.) within 6 months of hire, and maintain certification throughout employment.
• Experience using modern penetration testing tools and methods.
• Experience with testing and exploiting web application.
• Ability to work effectively in small and large team settings to solve complex problems.
• Ability to work with DOD Program Offices to scope, plan, execute, and report on penetration tests.
• Significant knowledge of Windows and Linux (including Kali) Operating Systems.

DESIRED QUALIFICATIONS / SKILLS

• Experience leading the team and performing penetration test activities/events.
• Knowledge of source code vulnerability analysis.
• Knowledge of network security/engineering.
• Knowledge of common wired and wireless network protocol structures.
• Experience using interpreted languages (Python, Ruby, JavaScript, Bash, PowerShell, PHP, etc.).
• Knowledge of compiled languages (C, C++, Assembly, Java, etc.).
• Certifications: CISSP, CASP, OSCP, OSEP, OSWA, OSWE, OSED, OSCE, GCIH, GPEN, and/or GWAP

RESPONSIBILITIES

• Conduct independent penetration testing, data collection, test automation, and reporting.
• Develop test tools and strategies for cybersecurity testing in DOD.
• Perform system security analysis on systems and/or software to understand and identify vulnerabilities.
• Execute hands-on testing which include technical skills with multiple operating systems. (Windows, Linux, Unix) as well as various software/databases (Apache, SQL Server, Oracle, etc.).
• Provide technical guidance and support to penetration test teams.
• Document and communicate test results effectively to technical and non-technical user groups in written and oral formats.
• Provide technical support in the management, planning, and execution of CVI, ACD, and CVPA

SALARY RANGE: Estimated $115,000 USD - $130,000 USD annually.

What We Offer

• Competitive salaries
• Continuing education assistance
• Professional development allotment
• Multiple healthcare benefits packages
• 401K with employer matching
• Paid time off (PTO) along with a federally recognized holiday schedule

Who We Are

At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to "Be the Difference". This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.

We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what's possible. We promote collaboration and empowering our teams is at the core of our success.

Be the Difference

Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.

Join Astrion and Be the Difference in your career and the world!

Astrion is an Equal Employment Opportunity Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, or any other characteristic protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

"Air Force Cyber Division"

#LI-AD1

#CJ

Air Force

• Conducting comprehensive penetration testing on hardware, software, and network components.
• Performing advanced vulnerability scanning and assessments on all components.
• Performing a Cybersecurity evaluation of the product under test to identify vulnerabilities that would negatively impact the Confidentiality, Integrity, or Availability of system data or functionality.
• Opining on the impact and level of effort required to exploit the identified vulnerabilities as well as provide information on a high-level remediation strategy.
• Testing more complex technologies and guiding junior testers through more advanced testing scenarios.
• Articulating higher-order impacts of identified vulnerabilities.
• Informing the client in writing and verbally of how the identified vulnerabilities can be chained together to create a cyber "kill-chain".
• Ensuring quality control on all artifacts generated during the penetration testing process.
• Analyzing software, firmware, hardware, and/or RF components within the system.
• Developing and executing exploits and proof-of-concept (PoC) attacks to demonstrate the impact of identified vulnerabilities.
• Analyzing and reverse engineering firmware and embedded systems to identify security weaknesses.
• Testing and assessing the security of secure boot processes and Trusted Execution Environments (TEE).
• Conducting web application security assessments, focusing on OWASP Top Ten vulnerabilities and API security testing.
• Performing manual verification of vulnerabilities, assessing their risk and exploitability.
• Engaging in wireless and RF security testing, including penetration testing on Wi-Fi, Bluetooth, and Zigbee networks.
• Utilizing Software Defined Radio (SDR) for protocol reverse engineering and testing.
• Reporting detailed findings and providing actionable recommendations for remediation to enhance product security.

• 3+ years' experience in penetration testing and vulnerability assessment.
• Proficiency in firmware analysis, reverse engineering, and binary exploitation.
• Experience in web application security testing and API security assessments.
• Hands-on experience with wireless and RF security testing.
• Advanced knowledge of Software Defined Radio (SDR) and protocol reverse engineering.
• US Citizenship and clearable at a minimum of the Secret Level

• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• Proven ability to develop and execute complex exploits and PoC attacks.
• Strong analytical skills and experience in firmware and embedded systems testing.
• Effective communication skills, with the ability to present findings and recommendations clearly.
• Certifications such as OSCP, PNPT, GPEN or similar are highly desirable.

Overview

The Cybersecurity Penetration Tester is critical for conducting thorough penetration tests and security analyses on various systems and software to identify potential vulnerabilities, ensuring the cybersecurity integrity for our client and government partners.

This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse.

Responsibilities

• Execute independent penetration tests, including data collection, test automation, and comprehensive reporting.

• Develop testing tools and methodologies for our client's cybersecurity assessments.

• Perform in-depth security analysis on systems to pinpoint vulnerabilities.

• Provide expert-level testing skills across various operating systems and software databases.

• Offer guidance and lead penetration test teams through complex testing scenarios.

• Document and convey test findings to both technical and non-technical audiences effectively.

• Support the management and execution of CVI, ACD, and CVPA activities.

• Other duties as assigned.

Qualifications

• Technical Bachelor's Degree in a related field, or equivalent experience.

• 3-10 years related to cybersecurity, with a focus on penetration testing.

• Possess an active Secret clearance.

• Must obtain DOD 8570 IAT Level 3 certification within 6 months and maintain throughout employment

• Profound experience with modern penetration testing tools and methods, analytical problem-solving, excellent communication abilities, self-motivated with a capacity for minimal supervision, and strong knowledge of Windows/Linux OS.

• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.

• Must possess problem-solving skills.

• Exceptional communication skills, both oral and written

• Ability to respond effectively to customers with a sense of urgency.

• Proficient in Microsoft and Adobe toolsets, including Excel, Word, PowerPoint, Acrobat, etc.

• Highly motivated with the ability to handle and manage multiple tasks at any one time.

• Ability to forge new relationships, individual and teaming in nature.

• Must be a Self-starter, that can work independently and as part of a team.

Desired Qualifications:

• Leadership experience in penetration testing activities/events.

• Proficiency in source code vulnerability analysis.

• Expertise in network security/engineering and protocol structures.

• Experience with interpreted languages (Python, Ruby, JavaScript, etc.).

• Familiarity with compiled languages (C, C++, etc.).

• Relevant certifications (CISSP, CASP, OSCP, GWAP, etc.).

Our Commitment to you / overview of benefits

• Medical, Dental and Vision Insurance; Wellness Program

• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)

• Short-Term and Long-Term Disability options

• Basic Life and AD&D Insurance (Company Provided)

• Voluntary Life and AD&D options

• 401(k) Retirement Savings Plan with matching after one year

• Paid Time Off

Reports to: Program Manager

Working Conditions

• Professional office environment.

• Ability to work on-site at Peterson Space Force, CO.

• Must be physically and mentally able to perform duties extended periods of time.

• Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.

• Must be able to establish a productive and professional workspace.

• Must be able to sit for long periods of time looking at computer screen.

• May be asked to work a flexible schedule which may include holidays.

• May be asked to travel 25% to 50% for business or professional development purposes.

• May be asked to work hours outside of normal business hours.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer. All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

Pay Range

USD $115,000.00 - USD $120,000.00 /Yr.

Submit a Referral (

Can't find the right opportunity?

Join ourTalent Community ( orLanguage Services Talent Community ( and be among the first to discover exciting new possibilities!

Location US-CO-

ID

Category Information Technology

Position Type Full-Time Salary Exempt

Remote No

Clearance Required Secret

• Security Strategy and Architecture: Develop Security Vision and Strategy: Design an overarching security architecture that aligns with the organization's business goals, ensuring it is adaptable to both current and emerging threats. Security Policy Assessment and Compliance: Participate in evaluating security policies, procedures, and controls to ensure compliance with industry regulations and organizational requirements. System and Application Security Design: Work with engineering, development, and IT teams to integrate security protocols into system design, application development, and IT infrastructure. Ensure adherence to principles like least privilege, secure coding, and secure system design.
• Innovation and Emerging Technologies: Evaluate Emerging Technologies: Investigate new technologies, such as AI, ML, and blockchain, for potential applications to enhance security posture and processes. Drive Security Innovation: Encourage innovation within security practices and solutions, staying ahead of potential threats and adopting advanced security tools and technologies.
• Risk Management and Third-Party Security: Risk Identification and Prioritization: Identify, analyze, and prioritize risks to the organization's IT environment, including data, systems, and networks. Develop Risk Mitigation Strategies: Create both preventive and reactive strategies to manage and mitigate security risks across systems. Third-Party Risk Management: Engage with the third-party risk management team to establish security protocols for data sharing, access control, and secure interactions with external partners.
• Governance, Policy, and Compliance: Policy and Governance Frameworks: Develop and advise on policies, standards, and guidelines for data protection, compliance, privacy, and security governance. Policy Enforcement: Collaborate on the creation of a governance framework to enforce security policies and ensure adherence across departments. Stakeholder Engagement and Education: Educate and advise cross-functional teams, including IT, HR, legal, and executive leadership, on security practices and the business impact of cybersecurity.
• Security Monitoring, Threat Intelligence, and Continuous Improvement: Security Monitoring Systems: Design and implement systems to detect, monitor, and respond to potential security threats in real-time, ensuring continuous protection. Threat Intelligence and Awareness: Stay informed about the latest cybersecurity threats, vulnerabilities, and trends, applying this knowledge to update and improve security measures. Continuous Improvement: Regularly assess and improve security protocols, systems, and policies to keep pace with evolving threats. Foster a culture of security awareness and adaptability within the organization.
• Bank Secrecy Act: Remains cognizant of and adheres to Ent policies and procedures, and regulations pertaining to the Bank Secrecy Act.

• Bachelor's Degree in Information Technology, Computer Science, or related field. preferred
• 5+ years' working with security architectures, frameworks, and leading large-scale security initiatives Required
• 10+ years' experience in Cybersecurity preferred
• 7+ years' Security Engineering, Risk Management, Security Design preferred
• 3+ years' experience in cloud security, security governance, regulatory compliance preferred

• Understanding of security architecture frameworks (e.g., SABSA, NIST, ISO 27001).
• In-depth knowledge of security technologies, including firewalls, intrusion detection systems, and encryption methods.
• Familiarity with cloud security best practices and architectures across various cloud platforms (e.g., AWS, Azure, Google Cloud).
• Awareness of compliance regulations (e.g., GDPR, HIPAA, PCI-DSS) and risk management principles.
• Proficient in security assessment tools and methodologies (e.g., vulnerability scanning, penetration testing).
• Analytical and problem-solving skills for identifying and addressing security vulnerabilities.
• Knowledge of threat modeling and compliance to align security strategies with business objectives.
• Communication skills, with the ability to convey technical concepts to non-technical stakeholders.
• Ability to develop and maintain security documentation, including policies, standards, and incident response plans.
• Project management skills, including the ability to coordinate security initiatives and meet deadlines.
• Ability to evaluate and recommend new security technologies and tools that enhance overall security posture.
• Ability to collaborate effectively with cross-functional teams and build strong relationships with stakeholders.
• Capacity to mentor and guide junior security team members in security best practices and methodologies.
• Ability to adapt to evolving threats and a willingness to stay current with industry trends.
• Ability to think strategically and align security solutions with overall business objectives.
• Competence in risk assessment and management related to security decisions and implementations.

• Cert Info Sys Sec Pro preferred
• Cert Info Sec Mgr preferred

• Standing - Occasionally
• Walking - Occasionally
• Sitting - Frequently
• Lifting - Rarely (40 Lbs)
• Carrying - Rarely
• Pushing - Rarely
• Pulling - Rarely
• Balancing - Rarely
• Stooping - Rarely
• Kneeling - Rarely
• Crouching - Rarely
• Crawling - Rarely
• Reaching - Occasionally
• Handling - Occasionally
• Grasping - Occasionally
• Feeling - Occasionally
• Talking - Frequently
• Hearing - Frequently
• Repetitive Motions - Frequently
• Eye/Hand/Foot Coordination - Occasionally
• Noises louder than normal speaking volume - Occasionally
• Temperature Changes - Rarely
• Atmospheric Conditions - Rarely

• Health Benefits: Affordable insurance, 24/7 doctor access, and a nationwide provider network.
• 401(k): 3% automatic contribution after three months, plus up to 6% matching.
• Paid Time Off: During your first year, enjoy 16 days of paid time off (PTO) plus 9 paid holidays. And it grows from there.
• Volunteer Time Off: Paid time off to give back to the community.
• Education Support: Up to 10,000 annually for higher education and assistance for certifications.
• Exclusive Discounts: Significant savings on home, car, and personal loans.
  
  For more information about our outstanding benefits please visit our careers page at
  
  We anticipate this position to close on 8/8/2025. Please submit your application at your earliest convenience to be considered.
  
  Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
  
  The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

• Conducting comprehensive penetration testing on hardware, software, and network components.
• Performing advanced vulnerability scanning and assessments on all components.
• Performing a Cybersecurity evaluation of the product under test to identify vulnerabilities that would negatively impact the Confidentiality, Integrity, or Availability of system data or functionality.
• Opining on the impact and level of effort required to exploit the identified vulnerabilities as well as provide information on a high-level remediation strategy.
• Testing more complex technologies and guiding junior testers through more advanced testing scenarios.
• Articulating higher-order impacts of identified vulnerabilities.
• Informing the client in writing and verbally of how the identified vulnerabilities can be chained together to create a cyber "kill-chain".
• Ensuring quality control on all artifacts generated during the penetration testing process.
• Analyzing software, firmware, hardware, and/or RF components within the system.
• Developing and executing exploits and proof-of-concept (PoC) attacks to demonstrate the impact of identified vulnerabilities.
• Analyzing and reverse engineering firmware and embedded systems to identify security weaknesses.
• Testing and assessing the security of secure boot processes and Trusted Execution Environments (TEE).
• Conducting web application security assessments, focusing on OWASP Top Ten vulnerabilities and API security testing.
• Performing manual verification of vulnerabilities, assessing their risk and exploitability.
• Engaging in wireless and RF security testing, including penetration testing on Wi-Fi, Bluetooth, and Zigbee networks.
• Utilizing Software Defined Radio (SDR) for protocol reverse engineering and testing.
• Reporting detailed findings and providing actionable recommendations for remediation to enhance product security.

• 10+ years' experience in penetration testing and vulnerability assessment (for Senior level).
• 3 + years for junior to mid-.level.
• Proficiency in firmware analysis, reverse engineering, and binary exploitation.
• Experience in web application security testing and API security assessments.
• Hands-on experience with wireless and RF security testing.
• Advanced knowledge of Software Defined Radio (SDR) and protocol reverse engineering.
• US Citizenship and clearable at a minimum of the Secret Level

• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• Proven ability to develop and execute complex exploits and PoC attacks.
• Strong analytical skills and experience in firmware and embedded systems testing.
• Effective communication skills, with the ability to present findings and recommendations clearly.
• Certifications such as OSCP, PNPT, GPEN or similar are highly desirable.

Description: This position requires a Current Secret clearance and ability to obtain Top Secret.

Classified Cyber Security ISSOs help secure lifesaving products and critical state-of-the-art engineering and manufacturing systems by applying cutting edge cybersecurity principles. Rising to the challenge of building a more secure world for the warfighter, space exploration, climate sustainability and commercial use.

The Classified Cyber Security Sr will partner with the security team, program, and government customers to perform as an Information Systems Security Officer (ISSO) in Colorado Springs, CO.

The work that ISSOs do can be summarized in this way:

- You will have a direct impact to national security, ultimately contributing to protecting your loved ones – this is dynamic, gratifying and impactful work!

- You will have the opportunity to engage in all aspects of the cyber discipline

- You can enjoy a work-life balance that allows for flex hours and a family-first culture

Key Responsibilities of this role includes:

- Oversee day-to-day information system security operations including hardware and software implementations.

- Carry out technical administration of IS in accordance with internal LM and customer security requirements, primarily Risk Management Framework (RMF).

- Upkeep, monitor, analyze, and respond to network and security events.

- Document compliance actions within the approved automated compliance tracking system or develop a plan of actions and milestones (POA&M) with the Information Systems Security Manager (ISSM) to address non-compliance in the allotted time frame.

- Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.

- Balance competing priorities amongst multiple customers and programs.

- Auditing is a large part of this role’s responsibility.

Basic Qualifications:

• Current Secret clearance and ability to obtain Top Secret

• DoD 8570 IAT Level II certification

• Information Systems auditing experience

• Knowledgeable of operating system security requirements

• Hands on experience with industry standard Information Assurance tools

Desired Skills:

• Prior experience as an ISSO/ISSM

• Demonstrated technical experience for Windows, Networking, and/or UNIX-based operating systems

• Experience in system hardening, analysis, and vulnerability management

• Knowledgeable in Solaris/UNIX/Linux command line

• Experience with the Defense Counterintelligence & Security Agency (DCSA) and their implementation of the Risk Management Framework (RMF)

• Experience with industry standard Information Assurance tools such as the STIG Viewer, SCC Tool, and Splunk

• Jira/Agile Hive experience

Security Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.

Clearance Level: Top Secret

Other Important Information You Should Know

Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.

Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.

Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.

Schedule for this Position: 9x80 every other Friday off

Pay Rate: The annual base salary range for this position in California and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $89,300 - $157,550. For states not referenced above, the salary range for this position will reflect the candidate’s final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible.

Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics.

The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration.

At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work.

With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility.

If this sounds like a culture you connect with, you’re invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs , and apply for roles that align with your qualifications.

Experience Level: Experienced Professional

Business Unit: SPACE

Relocation Available: No

Career Area: Security

Type: Full-Time

Shift: First

Global Resource Solutions, Inc. (GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Officer II.

Job Description:

Summary: The ISSO II’s primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

Essential Duties & Responsibilities:

• Review, prepare, and update AIS authorization packages

• Notify customer when changes occur that might affect AIS authorization

• Perform AIS self-inspections, provide security coordination and review of all system test plans

• Identify AIS vulnerabilities and implement countermeasures

• Represent the customer on various technical review and inspection teams

• Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system authorization packages

• Coordinate, prepare, and track AIS inspections, reports, and responses

• Maintain AIS security records and prepare Co-Utilization Agreements for network nodes operating in government facilities

• Prepare reports on the status of security safeguards applied to computer systems

• Ensure AIS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices

• Perform ISSO duties in support of in-house and external customers

• Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts

• Review, track, and conduct AIS training

Requirement:

• Four (4) years related experience

• Bachelor’s Degree in a related area or equivalent experience (Four (4) years)

• Must meet position and certification requirements outlined in DoD Directive -M for Information Assurance Technician Level 2 within 6 months of the date of hire.

Security Requirements:

• Current Top Secret Clearance with SCI Eligibility

• Eligibility for access to Special Access Programs

• Willingness to submit to a Counterintelligence Polygraph

Skills:

• Ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners

• Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)

• Possess a high degree of originality, creativity, initiative requiring minimal supervision

• Must be familiar with security policy/manuals and the appropriate DCIDs/JAFANs and other guiding policy documents

• Requires travel within the organizational geographic Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)

• Must be able to lift up to 50lbs

Physical Requirements: This position requires employees to be willing and able to: sit, bend, reach, stoop, squat, stand, and walk.

Communication: Excellent customer service via phone and face to face conversation, excellent written and oral command of English.

GRS is an Equal Opportunity Employer. GRS will continue to abide by obligations under VEVRRA and Section 503 physical or mental disability, protected veteran status, or any other characteristics that are protected by law.

Global Resource Solutions, Inc. (GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Officer III.

Job Description:

Summary: The ISSO III’s primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

Essential Duties & Responsibilities:

• Review, prepare, and update AIS authorization packages

• Notify customer when changes occur that might affect AIS authorization

• Perform AIS self-inspections, provide security coordination and review of all system test plans

• Identify AIS vulnerabilities and implement countermeasures

• Represent the customer on various technical review and inspection teams

• Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system authorization packages

• Coordinate, prepare, and track AIS inspections, reports, and responses

• Maintain AIS security records and prepare Co-Utilization Agreements for network nodes operating in government facilities

• Prepare reports on the status of security safeguards applied to computer systems

• Ensure AIS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices

• Perform ISSO duties in support of in-house and external customers

• Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts

• Review, track, and conduct AIS training

• Provide leadership, mentoring, and quality assurance for Team Members

Requirement:

• Five (5) to Seven (7) years related experience

• Bachelor’s Degree in a related area or equivalent experience (Four (4) years)

• Must meet position and certification requirements outlined in DoD Directive -M for Information Assurance Technician Level 2 within 6 months of the date of hire.

Security Requirements:

• Current Top Secret Clearance with SCI Eligibility

• Eligibility for access to Special Access Programs

• Willingness to submit to a Counterintelligence Polygraph

Skills:

• Ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners

• Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)

• Possess a high degree of originality, creativity, initiative requiring minimal supervision

• Must be familiar with security policy/manuals and the appropriate DCIDs/JAFANs and other guiding policy documents

• Requires travel within the organizational geographic Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)

• Must be able to lift up to 50lbs

Physical Requirements: This position requires employees to be willing and able to: sit, bend, reach, stoop, squat, stand, and walk.

Communication: Excellent customer service via phone and face to face conversation, excellent written and oral command of English.

GRS is an Equal Opportunity Employer. GRS will continue to abide by obligations under VEVRRA and Section 503 physical or mental disability, protected veteran status, or any other characteristics that are protected by law.