Information System Security Officer

Janicki Industries is an innovative, family-owned aerospace company located at the foot of the Cascades. We focus on engineering and manufacturing complex projects for companies in the aerospace, defense, and space industries. . We are looking for an Information System Security Officer to join our team.

This position is located on-site in Sedro-Woolley, Washington State

POSITION DESCRIPTION

The responsibility of the Information System Security Officer (ISSO) is to maintain the governance, risk, and compliance of isolated information systems in support of production and engineering efforts. This position requires strict adherance to the Department of Defense and Customer requirements. The ideal candidate will have a solution-driven attitude with excellent follow-up and an aptitude for collaborative problem-solving. This candidate will interface directly with the Security Department, Information Technology, Program Management, and our Customer's to draft, implement, and audit policy and procedures that allow Janicki to remain at the forefront of engineering

The following essential job functions are performed as an ISSO:

• Maintains Information Systems (IS) security implementation policy and guidelines, plans, instructions, standard operating procedures, and security education, training, and awareness program (SETA)
• Maintains familiarity with all applicable policies and regulations (e.g. NIST 800-53, NIST 800-71, NISPOM, NSA Policy Manual 9-12, etc.)
• Ensures all IS security-related documentation is current and authorizations are on file for each Information System
• Ensures software, hardware, and firmware comply with appropriate security configuration guidelines, policies and procedures, and approvals
• Effectively works with vendors for product (hardware/software) procurement to ensure systems remain compliant as needs change
• Maintains classified systems through Security Technical Implementation Guides (STIGs), self-assessments, recurring audits, and verification of system setup with applicable policies and regulations
• Analyzes security vulnerabilities/risks and provides guidance on suitable options for identified issues
• Work with program/project Managers to monitor/periodically review contract requirements for conformance
• Conducts and participates in inspections (internal and external) and implements necessary actions to correct deficiencies
• Communicates with prime contractors and government agencies to obtain approvals and maintain compliance.
• Ensure periodic testing is conducted to evaluate the security posture of the IS by employing various intrusion/attack detections and monitoring tools
• Assists users in