Chief information officer [h1.location_city]

divh2ISSO Position at Kratos / h2pAt Kratos, we encourage an entrepreneurial spirit balanced with discipline. We work hard, and take care of our customers, employees, and families. Recognized as thought leaders in our industry, we are motivated by creating and delivering innovative solutions to our nation and global customers. Kratos has an exciting opportunity for an ISSO to support the Information Assurance (IA) development and sustainment of assigned systems and to serve as a security support element for technical teams. This is accomplished in compliance with CMMC and Risk Management Framework (RMF) policies and procedures, including the development of System Security Plans (SSP), Risk Assessment Reports (RAR), Plans of Action and Milestones (POAM), and Security Control Traceability Matrices (SCTM). The ISSO maintains the operational security posture to ensure that security policies, standards, and procedures are followed throughout the system lifecycle. Additionally, the ISSO supports vulnerability and risk assessment analysis to achieve and sustain Authorization to Operate (ATO) and ensures information system security requirements are integrated into configuration management for software, hardware, and firmware. / ppPrimary Responsibilities : / pulliPerform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities. / liliParticipate in regular security self-inspections and audits. / liliAssist with the selection and implementation of security controls and features for systems and applications. / liliIdentify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle. / liliPerform security assessments on new and proposed products and technologies to ensure secure integration into the approved baseline. / liliProvide product security engineering support and recommendations used to resolve integration and testing issues. / liliMaintain a standardized set of security product requirements and produce metrics to report performance against those requirements. / liliReview and define security diagnostics and tools to facilitate the analysis and reporting of security events. / liliAssist other teams with mitigating security risks, responding to product security incidents, and product security related issues. / liliParticipate in security architecture and design review meetings. / liliManage system access and revocation requests. Track and verify DoD certification requirements in accordance with DoD 8140 guidance. / li / ulpExperience and Skills : / pulliA solid knowledge of the DISA / DoD Risk Management Framework. / liliCompTIA Security+ CE, CASP+, or equivalent cybersecurity certification. / liliExperience with security controls, RMF, and STIGs. / liliFamiliarity with modern IT infrastructure capabilities to include virtualization, cloud deployment, and containerization. / liliSelf-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment. / liliAble to clearly communicate technical concepts orally and in written forms to internal and external audiences with technical and non-technical backgrounds. / liliCapable of working in a fast-paced team environment. / liliExcellent organizational and communication skills and able to effectively interact with managers and technical staff. / liliTop Secret clearance with SCI eligibility required. Candidates with Special Access Program (SAP) experience are highly valued. / li / ulpPreferred Skills and Experience : / pulli2 years as an ISSO or equivalent duties. / liliFamiliarity with eMASS, XACTA, or similar government systems of record. / liliFamiliarity with Zero Trust Architecture (ZTA) requirements. / liliExperience with Windows and RHEL environments. / liliExperience with AWS. / liliExperience with security tools in the following areas : Malicious code prevention and analysis (i.e., Trellix), Audit log analysis (Splunk, Greylog, etc.), Patch Management and Vulnerability Analysis (Tenable Security Suite ACAS), and security tools which support the implementation of DISA STIGs (SCC, Evaluate STIG, STIG Viewer, etc.). / li / ulpCompetitive salary based on experience and education Salary Range : $89,000-$125,000 / ppJob Benefits : / pulliMedical, Dental Vision Insurance Coverage / liliLife / ADD Short / Long Term Disability Insurance / lili401(k) Savings Plan / liliEmployee Stock Purchase Plan (ESPP) / liliPaid Time-Off (PTO) / liliHolidays / liliEducation Reimbursement / li / ul / div