CMMC - Information Security System Officer (ISSO)

Responsibilities

• Operations Support
• Review user requests in conjunction with ISSM and System Administrators to determine security impacts of software additions or configuration changes to systems.
• Onboard users to systems, including development and delivery of training and briefings of Roles and Responsibilities operating on systems.
• Risk Management and Assessment :
• Conduct regular risk assessments and vulnerability assessments to identify potential security threats.
• Implement risk mitigation strategies and manage the risk management framework.
• Continuous Monitoring and Audit Management :
• Prepare for and execute both self-assessments and external assessments with Government Security Control Assessors in support of achieving and maintaining CMMC accreditation.
• Execute Continuous Monitoring activities of employed security controls to ensure comprehensive and effective implementation over time, including but not limited to analyzing user/system audit logs, malware protections, vulnerability reporting, and access reviews.
• Incident Response and Management :
• Develop and maintain an Incident Response Plan, partnering with Government Customers/Prime/Subcontractors for reporting procedures.
• Lead incident response activities, including investigation, containment, and remediation of security incidents.
• Investigate and adjudicate SIEM events.
• System Security Plans (SSPs) :
• Maintain System Security Plans and collecting all required artifacts (Compliance and Vulnerability reports, documented Policies/Procedures, etc.)
• Ensure that SSPs are regularly reviewed, updated, and compliant with regulatory requirements.
• Collaboration and Communication :
• Work closely with System Administrators, compliance, and other departments to ensure cohesive and comprehensive security strategies.
• Serve as a point of contact for security-related issues and provide guidance and support to other teams.
• Continuous Improvement :
• Stay up-to-date with the latest security trends, technologies, and regulatory requirements.
• Continuously improve security measures and processes to protect information systems effectively.

Requirements

• Citizenship: US Citizenship
• Clearance: Eligibility for a US Government Security Clearance
• Education : Bachelor's degree in Information Security, Computer Science, or a related field.
• 2+ years of experience in information security, working with Federal Regulations
• Proven experience in leading the management and implementation of an Information Security Program.
• Technical Skills :
• Strong understanding of security frameworks and standards for NIST SP 800-171 and DevSecOps.
• Proficiency in security tools and technologies, such as SIEM, IDS/IPS, STIG Hardening, and vulnerability management solutions.
• Exposure to technologies and concepts including Kubernetes Containerization, AWS GovCloud Environments and Tooling, CI/CD pipelines, and Secure Network Architecture.
• Soft Skills :
• Excellent communication and interpersonal skills.
• Strong analytical and problem-solving abilities.
• Ability to manage multiple projects and priorities in a fast-paced environment.
• ITAR REQUIREMENTS
• Why you'll love working at Quindar
• We work in a cutting edge industry and you will get the

Additional Information

Quindar Quindar builds modern, cloud-native satellite mission operations software with a simple mission: to operate satellites like servers. Our platform replaces fragmented, legacy ground systems with an integrated, automation-driven approach that brings modern software velocity to space operations. We're a small, fast-moving team with deep aerospace and software roots, energized by big challenges and motivated by the impact we have on real missions in this next chapter of the Space Age. If you want to work with sharp, ambitious people who push boundaries, move quickly, and are excited to take space operations to the next level, Quindar is the place to do it. What you will be doing 🧑💻 The Information Systems Security Officer (ISSO) is responsible for enforcing and maintaining information security policies, standards, and procedures to ensure the confidentiality, integrity, and availability of information systems. The ISSO will uphold requirements in NIST SP 800-171 to protect Quindar Business Systems that process, transmit, or store Controlled Unclassified Information (CUI) and maintain Cybersecurity Maturity Model Certification (CMMC) 2.0 accreditation. The ISSO will coordinate directly with the Quindar ISSM, FSO, System Administrators, Leadership, and the General User community to foster strong security culture and ensure compliance with governing Federal Regulations.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at quindar? Share your experience