Information Systems Security Officer

Overview

Credence is one of the largest and fastest growing privately-held government technology and services companies and is repeatedly acclaimed as a Top Workplace. As evidenced by our awards and certifications and maturity levels, as well as the agility and responsiveness, to tackle our customers' most challenging mission needs. We also offer comprehensive benefits including health insurance with dental and vision coverage, retirement savings plans with employer matching, paid time off, and opportunities for professional development and growth. Additionally, employees enjoy wellness programs, flexible work arrangements, and various discounts and perks to support their overall well-being and work-life balance.

Credence Management Solutions, LLC (Credence) is seeking an Information Systems Security Officer in support of the Cyber Resiliency Office for Weapon Systems (CROWS) at Wright-Patterson AFB, OH.

The Assistant Secretary of Air Force for Acquisition (SAF/AQ) and Air Force Materiel Command (AFMC) stood up the Cyber Resiliency Office for Weapon Systems (CROWS) under Air Force Life Cycle Management Center (AFLCMC) to be the dedicated office to increase cyber resiliency of Air Force (AF) weapon systems and to maintain mission effective capability under adverse conditions. CROWS is organizationally located under AFLCMC/EN-EZ with mission responsibility for 'baking in' cyber resiliency into new weapon systems and mitigation of 'critical' vulnerabilities in fielded weapon systems.

Responsibilities include, but are not limited to the duties listed below

• Work within Security Assistance Program (SAP) and Sensitive Compartmented Information (SCI) facilities supporting CROWS' mission.
• Provide "day-to-day" support for Collateral, SCI and SAP activities, and support other classified network systems.
• Appraise and recommending assessment documentation and providing written recommendations for authorization to Government program managers.
• Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures.
• Verify authorizations are accomplished on each Automated Information System (AIS).
• Assist with risk assessments and make recommendations to customers.
• Periodically review system security to accommodate changes to policy or technology.
• Assist with the development and maintenance of the information systems security program.
• Ensure all personnel receive the necessary technical and security training for using AIS.
• Confirm proper protection or corrective measures undertaken when an incident or vulnerability is discovered within a system.
• Conduct assessment tests that include verification that the features and assurances required for each protection level are functional.
• Maintain a repository for all system authorization documentation and modifications.
• Coordinate AIS security inspections, tests, and reviews.
• Assist in developing policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.
• Confirm data ownership and responsibilities are established for each AIS, to include accountability, access rights, and special handling requirements.
• Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local AIS security training.
• Ensure system security requirements are addressed during all phases of the system life cycle.
• Confirm security assessments and audits are completed and documented.
• Identify threats and vulnerabilities to ascertain whether additional safeguards are needed.
• Assess changes in the system, its environment, and operational needs that could affect the authorization.
• Review AIS assessment plans.
• Support necessary compliance activities.
• Conduct periodic assessments of the security posture of the AIS.
• Ensure Configuration Management (CM) for security-relevant AIS software, hardware, and firmware are properly documented.
• Validate AIS authorization documentation is current and accessible to properly authorized individuals.
• Participate in self-inspections, identifying security discrepancies, and reporting security incidents.
• Perform file transfers between local systems to storage devices.
• Design, review, endorse, and recommend actions by the system approving authority for system assessment documentation.
• Perform risk assessments and making recommendations to customers.
• Build and maintain the information systems security program.
• Coordinate and confirm proper protection or corrective measures were completed when an incident or vulnerability is discovered within a system.
• Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.
• Conduct assessment tests that include verification that the features and assurances required for each protection level are functional.
• Build policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.
• Ensure system recovery processes are monitored to ensure that security features are properly restored.
• Deliver expert research and analysis in support of expanding programs and areas of responsibility.
• Advise senior management on risk levels, security posture, information security programs, policies, processes, and systems.

Education, Requirements and Qualifications

• Clearance: Top Secret
• Bachelors Degree and three (3) years of relevant experience or
• Associates Degree and seven (7) years of relevant experience
• (9) years of relevant experience in lieu of a degree
• Specialized Knowledge and Experience Required:
• DoD 8570.01-M IAM Level III or IAT Level III.
• Penetration testing experience.
• Be familiar with current security policy and manuals and have the ability to work in a dynamic environment to effectively interact with numerous DoD, military/civilian personnel and industry partners.
• Possess a high degree of originality, creativity, initiative requiring minimal supervision.
• Eligible for access to Special Access Program (SAP) information and be willing to submit to a counter intelligence polygraph.
• Must be able to maintain elevated privileged access to information technology systems.

Working Conditions and Physical Requirements

• May be required to lift 50 lbs.
• May be required to stand and walk two (2) hours a day
• Some travel may be required