Information Systems Security Officer - Security
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, Information Security
Information Systems Security Officer - Security
Grand Forks, 345 Tuskegee Airman Blvd, Grand Forks AFB, North Dakota, United States of America
Job DescriptionYork Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next- generation space mission operations worldwide. Today, York is one of the most innovative aerospace companies, specializing in end-to-end customer solutions and the rapid production of spacecraft platforms. York’s complete Space Segment Solution includes spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations, enabling customers to leverage York’s existing technology solutions to get to orbit rapidly and responsively.
We’re looking to expand our team across the board.
York Space Systems is seeking an Information Systems Security officer (ISSO) to facilitate A&A (Authorization & Assessment) efforts throughout multiple systems’ RMF lifecycle. The selected candidate will take the lead in supporting multiple RMF accreditation efforts and will perform tasks that include determining DoD requirements, hardware/software configuration management (to include baseline configuration), risk assessments/vulnerability assessments, testing and documenting security controls, and ensuring overall compliance with DoD Cybersecurity policies.
The ideal candidate will have experience working as an ISSO or security relevant field and must be comfortable operating in a senior role and mentor for junior ISSOs. The selected candidate will be able to speak directly with customers with little to no Information System Security Managers (ISSM) involvement and be the face of security for their selected boundaries. Responsibilities below are inclusive ISSO duties.
- Oversee day-today operations required to perform RMF
- Delegate tasks and create deadlines to meet security requirements
- Be forward facing for customer interactions which will translate into system requirements
- Spearhead building RMF packages within eMASS and perform continuous monitoring for the full duration of the information system lifecycle
- Implement the Risk Management (RMF) process throughout the entire A&A lifecycle of the system(s) or multiple ATOs across different locations, supporting all efforts pre and post Authority to Operate (ATO) determination
- Assist the ISSM in meeting their duties to support A&A activities and coordinate with system’s Security Controls Assessor (SCA) and Authorizing Official (AO)
- Perform and review technical security assessments of the system(s) to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies to maintain operational security posture for the boundary systems
- Conduct risk analyses from vulnerability, compliance scans, penetration testing results, and/or other audit activities
- Create and maintain Plan of Action and Milestones (POA&Ms), System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Standard Operating Procedures (SOPs), Configuration Management Plans, Contingency Plans and Test Result/Security Impact Analyses
- Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
- Conduct continuous monitoring (Con Mon) activities for applicable authorization boundaries
- Apply and maintain up to date application of Security Technical Implementation Guides (STIGs) to required components of the information systems
- Maintain inventory and asset configuration to include change management documentation
- Lead System level change request through formalized Configuration Control boards (CCB)
- Ensure that the appropriate operational security posture is maintained for the information system, working in close collaboration with the information system owner and the ISSM
- Notify ISSM when changes occur that might affect the authorization determination of the information system(s)
- Experience in advising System Administrators to Remediate system decencies
- Report all security-related concerns and incidents to the ISSM
- Able to…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).