Seneca Global Services, LLC is part of the Seneca Nation Group (SNG) portfolio of companies. SNG is the federal government contracting business wholly owned by the Seneca Nation. SNG meets mission-critical needs of federal civilian, defense, and intelligence community customers across a variety of domains. The SNG portfolio receives shared services support from its parent company Seneca Holdings and is comprised of multiple companies that participate in the Small Business Administration 8(a) program. To learn more visit www.senecanationgroup.com and follow us on LinkedIn.

The Seneca Nation Group companies offer competitive compensation and a strong benefits package including comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family. We pride ourselves on our collaborative work environment and culture which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation.

Seneca Global Services, LLC is seeking an Information Systems Security Officer (ISSO) to join a technical team that enables our employees to make a difference in supporting our DOD customer and their mission. The ISSO will be integrated into a team that captures and refines security and privacy requirements for systems and ensures that the requirements are effectively integrated into systems and system elements through security or privacy architecting, design, development, and configuration. The ISSO will serve as the security liaison as it applies to all things physical, personnel, information and cyber, operations, Anti-Terrorism, law enforcement, communications and technical security.

Responsibilities include, but are not limited to:

Directly support and provide inputs to the ISSM such as, but not limited to, support the Assessment and Authorization (A&A), duties identified in the Continuous Monitoring Plans and to facilitate the Security Controls Assessment for all assigned information systems.

• Assists in the administration and monitoring of the implementation of the Risk Management Framework (RMF) steps and activities throughout system life cycle to ensure appropriate security posture is maintained.
• Implement cyber security program, policies, and procedures for the assigned information systems.
• Maintain a working knowledge of current and upcoming/scheduled events, assigned information system functions, security policies, technical security safeguards, and operational security measures.
• Possess SME-level knowledge of DoD, Defense Intelligence Agency (DIA), and Risk Management Frameworks (RMF) core concepts and processes.
• Coordinate with applicable stakeholders.
• Maintain the Authorization to Operate (ATO) packages, as required, for the assigned information systems in the appropriate A&A System of Record (e.g., XACTA 360, Keystone, eMASS).
• Review/analyze Audit Logs (e.g., Leverage Splunk to review audit logs aggregated from Windows, Linux, Switches, Storage, VMWare, and other components as applicable) for assigned information systems.
• Perform validation checks to ensure the assigned information systems have the CM-approved software installed, to include Antivirus definitions.
• Perform cyber security compliance/vulnerability scans using ACAS/Nessus, SCC, and/or Evaluate-STIG and manual checks.
• Execute the ISSO-specific duties identified in programs Plans for the assigned information systems.
• Implement the account management process for the assigned information systems and issue the appropriate credentials to users.
• Implement the user-centric cyber security education, training, and awareness program, as required by the ISSM.
• Perform other duties as assigned in support of the NCRC mission.

Basic Qualifications:

• Active TS/SCI Clearance required.
• BS from an accredited college or university and 8+ years of experience, other experience may be considered instead of a degree.
• Minimum of 5 years of extensive experience in cyber security, information assurance, and risk management framework processes.
• DoD 8570.0 and DoDD 8140.01 Information Assurance Technical (IAT) Level II or higher.
• 2+ years of demonstrated aggregate experience performing IT application, system, and Network project reviews and providing technical and policy DoD cybersecurity guidance.

Desired Skills:

• Shall have at least one certification requirement listed on DoDM 8140.03, DoD Cyberspace Workforce Framework
• Have direct knowledge of:
• VMWare – Virtualization and security (vSphere, vCenter, ESXi)
• Oracle Linux
• Windows 10, 11, Server 2019
• STIG and IAVA implementation
• NetApp – Storage technologies
• ACAS/Nessus, SCC, Evaluate-STIG
• Splunk Enterprise