Information System Security Officer

The Puyenpa family of companies are comprised of multiple SBA Certified Native American Tribal 8(a) and multi-certified organizations focused on delivering Information Technology, Management Consulting, and General Construction solutions to the Federal Government along with the Commercial Sector.

We are actively seeking an Information System Security Officer based in O'Fallon, IL. This role is NOT eligible for remote or hybrid work.

An active DoD Secret clearance is required for this role.

This is an exciting opportunity to be part of the Puyenpa team supporting the MAF DMO program with the United States Air Force.

The main responsibilities of the role include :

Designs and implements information assurance and security engineering systems with requirements of business continuity, operations security, cryptography, forensics, regulatory compliance, internal counter-espionage (insider threat detection and mitigation), physical security analysis (including facilities analysis, and security management).

Participate as a member of the cyber team as they plan, manage, and execute all RMF requirements for the MAF DMO to include :

• Risk management strategy, policies, awareness / trainings, assessments, continuous monitoring, authorizations, implementations, and remediation
• Manage life-cycle cybersecurity risk to Air Force information systems Ensure MAF DMO IT assets are assessed for cybersecurity risk to the AF, subsequent residual risk associated with security controls implementation is assessed and mitigated with Plans of Actions and Milestones (POA&M), aligns with DODI 8510.

01, and as documented in the RMF security authorization package for the AF IT

Ensure compliance of internal policies and procedures; and develop, review and complete interconnectivity requirement documents.

Duties include, but are not limited to :

• Perform the primary duties and responsibilities of an Information System Security Officer (ISSO) for MAF DMO networks.
• Knowledge of RMF process, DoDI 8500.01, eMASS and / or other governing
• Documentation Work directly with the ISSM / FSO to ensure program and overall security needs are met.
• Assist in security configuration / STIG validation of all operating systems and network devices.
• Collaborate to ensure all systems are compliant and in scope of current accreditation.
• Perform audits against approved HW / SW lists to ensure system compliance with approved baseline.
• Review ACAS / Nessus vulnerability scans
• Ensure data backups are occurring in accordance with the continuous monitoring policy.
• Review audit logs in Splunk to detect suspicious or unauthorized activity.
• Assist in authoring and editing Cybersecurity related documents (e.g., ISA, SLA, CIE).

The qualified candidate will have the following knowledge and experience :

The selected candidate must have an excellent knowledge of the Risk Management Framework, the documentation, roles and responsibilities, and how to work on a team pursuing cybersecurity practices compliant with policy, regulation, and best practices.

The Cybersecurity Engineer will work for the Cybersecurity Team Lead and the Information System Security Manager (ISSM).

Work will be assigned based on available resources among the teammates, prioritization from the Air Force customer, and recurring deliverables based on contractual obligations and clearly assigned with deadlines.

Familiarity with Assured Compliance Assessment Solution (ACAS) may prove beneficial as the candidate will collaborate with another teammate as a dedicated subject matter expert for ACAS while checking for vulnerabilities and working to patch the system.

• Certified Information Assurance Technician (IAT) Level II.
• Broad knowledge of network accreditation, PIT determinations, Authority to Operate documentation, etc.
• Secret Security Clearance.

Preferred qualifications :

• Experience with software / tools : Nessus / ACAS, Splunk, ePolicy Orchestrator, SCAP Compliance Checker (SCC), STIG Viewer.
• Puyenpa provides a variety of benefits including company-paid health, dental & vision insurance coverage, as well as additional employee-paid health insurance options;

company-paid life and disability insurance; 401k retirement savings plan with employer match; 11 company paid holidays per year, and paid time off.