Job Summary:
Dine Source is seeking an ISSO to support the U.S. Department of Commerce (DOC) National Oceanic and Atmospheric Administration (NOAA) Office of the Chief Information Officer (OCIO). We are looking for a candidate with strong systems engineering and communication skills. The candidate must have the knowledge, experience and leadership required to provide full-spectrum Security Systems Engineering services to support the planning, design, test, update, documentation, implementation, development, and sustainment/fielding to the OCIO team.
Job Duties and Responsibilities:
-
Service Integrity and Security:
- Ensure the confidentiality, integrity, availability, authenticity, and non-repudiation of NOAA0700 HAES services, equipment, and software.
- Protect all networks, equipment, and software from unauthorized access, use, disclosure, disruption, modification, and destruction.
- Implement proactive measures to prevent security breaches.
-
System Monitoring and Security:
- Continuously monitor and scan NOAA0700 HAES systems to ensure all network Access Control Lists (ACL), server firewalls, and host-based intrusion prevention systems are always functional.
- Conduct regular system audits to assess security-related factors.
- Examine potential security violations to determine if breaches have occurred and take appropriate action.
-
Incident Reporting and Response:
- Report all suspicious activities to the NOAA Computer Incident Response Team (NCIRT) immediately.
- Document breaches and intrusions comprehensively.
-
Stakeholder Communication:
- Interface with NOAA IT staff and teams, including interactions with NOAA NWave, Cyber Security NCIRT, Cyber Security NCSC – SOC, SAS, ESS, and representatives from NOAA’s Line Offices and Program Offices, to coordinate technical solutions.
-
Patch Management:
- Implement emergency patches immediately and critical patches bi-weekly.
- Inform all relevant stakeholders, including System Administrators, Information Technology Security Officers (ITSO), and the NOAA Network Operations Center (NOC).
-
Vulnerability Management:
- Schedule and conduct bi-weekly vulnerability scans.
- Address vulnerability findings, coordinate the contractor’s response, and implement any necessary preventative steps.
-
System Security Documentation:
- Maintain a System Security Plan (SSP) using the latest NOAA-approved template for the NOAA0700 HAES subsystem.
- Develop and maintain an effective Plan of Action and Milestones (POA&M) strategy, ensuring all corrective action plans for tracking and resolving information security and privacy weaknesses are up-to-date.
Job Requirements (Education/Skills/Experience):
- Technical Expertise:
- Strong knowledge of network security protocols, Access Control Lists (ACL), server firewalls, and host-based intrusion prevention systems.
- Proficiency in conducting security audits and vulnerability assessments.
- Experience with incident response and documentation of security breaches.
- Communication Skills:
- Excellent communication skills to interface effectively with various NOAA IT teams and stakeholders.
- Ability to clearly report and document security incidents and vulnerabilities.
- Organizational Skills:
- Ability to manage patch implementation schedules and maintain comprehensive security documentation.
- Strong organizational skills to handle multiple tasks and meet deadlines effectively.
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (preferred).
- Relevant certifications such as CISSP, CISM, or similar are highly desirable.
- Minimum of 3-5 years of experience in IT security, network security, or a related role.
- Proven ability to manage and mitigate security risks in a complex IT environment.
If you are a dedicated professional with a passion for IT security and protecting critical infrastructure, we encourage you to apply for this position.
Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that delivers IT, professional, and environmental solutions to advance the missions of federal, state, and tribal government agencies. As thought leaders and innovators, our team of specialists build client-centric solutions that solve critical challenges faced by defense, civilian, and healthcare organizations. Employing a mission-focused approach, we deliver value that not only enhances current operations, but also drives future change. Closely aligned with this approach is our commitment to advancing the Navajo Nation and its People. Through economic development and community empowerment, we elevate the Navajo Nation to provide lasting impact and sustainable growth for future generations. DDC’s ability to unite legacy-inspired technologies, industry best practices, and proven methodologies has contributed to our success for twenty years.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E-Verify.
#LI-DNP