Information Systems Security Officer (ISSO)
With more than 120 operations and approximately 20,000 employees worldwide, Precision Castparts Corp. is the market leader in manufacturing large, complex structural investment castings, airfoil castings, forged components, aerostructures and highly engineered, critical fasteners for aerospace applications. In addition, we are the leading producer of airfoil castings for the industrial gas turbine market. We also manufacture extruded seamless pipe, fittings, and forgings for power generation and oil & gas applications; commercial and military airframe aerostructures; and metal alloys and other materials for the casting and forging industries. With such critical applications, we insist on quality and dependability – not just in the materials and products we make, but in the people we recruit.
PCC is relentless in its dedication to being a high-quality, low-cost and on-time producer; delivering the highest value to its customers while continually pursuing strategic, profitable growth.
In 2016, Berkshire Hathaway, led by Chairman and CEO Warren E. Buffett, acquired Precision Castparts Corp.
Perform local facility IT functions on information systems within classified environments or enclaves and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of classified systems. Include support of process, analysis, coordination, security certification test, security documentation, investigations, software research, hardware introduction/release, emerging technology research inspections and periodic system audits. Assist in the implementation of the required government policy (i.e., NISPOM, DCID 6-3), make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.
DUTIES & RESPONSIBILITIES:
- Ensure local facility systems are operated, maintained, and disposed of in accordance with security policies and procedures outlined in security authorization packages.
- Verify implementation of delegated aspects of IS security program.
- Attend technical security training (e.g., operating system/networking/security management) relative to assigned duties.
- Ensure all local IS users have requisite security clearances, authorization, need-to-know and aware of their security responsibilities before granting access to the IS.
- Report all security-related incidents to the local facility ISSM.
- Conduct periodic reviews of IS to ensure compliance with the security authorization package.
- Serve as member of the Configuration Control Board (CCB).
- Coordinate changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change.
- Formally notify the facility ISSM when changes occur that might affect system authorization.
- Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
- Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
- Ensure audit records are protected, collected, and reviewed.
- Assist with local facility unclassified IT systems as needed.
Candidates will not be excluded from consideration with equivalent education and/or experience.
Must be able to satisfy federal government requirements for access to government information.
Having dual citizenship may preclude you from being able to meet this requirement.
- Active U.S. Citizenship.
- Active USGSC Interim/Secret (+) security clearance.
- Able to maintain required USGSC level security clearance.
- Bachelor’s degree with (2+) years of experience in system administration/desktop support
or (6+) years of related industrial/cybersecurity administration experience.
- Current DoD 8570 Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP).
- Familiarity with DISA Security Technical Implementation Guides (STIGs) and security tools such as Splunk, Symantec, MS Office, VMWare, etc.
- Working knowledge of National and International security frameworks.
- Experience working with the Defense Counterintelligence & Security Agency (DCSA) Authorization and Assessment Process Manual (DAAPM).
- Experience in secure environments that are compliant with the NISPOM, with special emphasis on information assurance as well as Risk Management Framework (RMF) requirements.
- Familiarity with configuration control and change management (PDQ Deploy/Inventory).
- Familiarity with networking concepts (switches/network security).
- Experience with security concepts (Data Loss Prevention, Active Directory, and Security Log Analysis).
- Experience with Microsoft Windows administration in physical/virtual environments .
- Strong written and verbal communication skills; ability to present reports to management; motivated to thoroughly investigate, analyze, and document system issues and resolutions.
- Ability to produce quality deliverables and to complete assigned projects on time; provides consistent status updates ensuring IT projects stay focused; reports discovered anomalies/inconsistencies.
- Consistent attention to detail - completes tasks per standard operating procedures; reports discovered anomalies and inconsistencies.
- Persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems; identifies root cause and presents possible solutions to management.
- Strong work ethic and a proven professional - respectful, dependable, take initiative and follows through.
- Highly motivated and works well in a fast pace, team-oriented environment; continuously develops new competencies to accommodate evolving expectations.
This position may be expected to work varying shifts and hours to ensure successful operation of activities in the organization. Employees in this position must possess mobility to work in a standard office setting and to use standard office equipment, including a computer; occasionally lift/carry/push/pull up to 25 pounds; require occasional walking, climbing, stooping, crouching, and/or bending; require the use of personal protective equipment such as safety glasses, safety shoes etc.
This requisition is closed to applications.