At Two Six Technologies, we build, deploy, and implement innovative products that solve the world's most complex challenges today. Through unrivaled collaboration and unwavering trust, we push the boundaries of what's possible to empower our team and support our customers in building a safer global future. Join our dynamic ISSO team, where you'll play a crucial role in enhancing the security posture of critical information systems through comprehensive assessment and authorization processes. The successful candidate will have requisite cyber security experience with methods and tools used to improve the security posture of critical systems such as identifying risks, vulnerabilities, anomalies, patching, auditing, automation, security hardening, best practices, and evaluating system changes. In addition, the candidate will collaborate with developers and engineers on projects to create a secure hybrid-cloud environment.MINIMUM QUALIFICATIONS:
Bachelor's degree in Cybersecurity, IT, or other related technical discipline.
Minimum of 5 years experience in both Cybersecurity and demonstrated ability to successfully shepherd IT projects of varying types through the authorization lifecycle, or the equivalent combination of education, technical certifications or training, or work experience.
REQUIRED QUALIFICATIONS:
Communication and Collaboration:
Strong verbal and written communication skills within a team context.
Skilled in cross-team collaboration and effective communication to fulfill specific authorization requirements.
Experience working closely with stakeholders, developers, and external teams, including customer security managers (ISSMs), organizational leadership, and key personnel.
Ability to work within fast-paced customer environments.
Technical Skills and Knowledge:
Understanding of perimeter controls (firewalls), access control mechanisms, and network architectures.
Demonstrated understanding of methods for hardening operating systems (e.g., CentOS, RedHat, Windows).
Technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alerting.
Strong understanding of methodologies for researching and documenting software and hardware vulnerabilities.
Demonstrated knowledge and experience with networking topologies and hardware, including commonly used/referenced network devices, IDS, and IPS.
Extensive familiarity with communications protocols, such as TCP/IP, UDP, HTTP/S, SSH, LDAP, etc.
Demonstrated experience with security, monitoring, and auditing cloud-based technologies, products, and services, such as Amazon Web Services (AWS) or Microsoft Azure.
Applied experience with open-source and commercial tools and systems such as nmap, Nessus, Rapid7, Splunk, Nipper, Elasticsearch, Jira, Confluence, Cisco, VMware, Citrix, or Trellix, as well as GOTS tools used by the customer.
Security and Compliance:
Experience supporting control implementation assessment, reporting, and monitoring processes using cybersecurity and assessment management systems.
Applied experience with the customer's assessment and authorization tracking tools.
Knowledge of Common Control Provider (CCP) requirements and methodology.
Demonstrated experience with the design and implementation of defense-in-depth solutions.
Demonstrated skill in documenting processes and procedures in CONOPS and system security, contingency, configuration management, and other plans.
Ability to facilitate customer concurrences required for risk-based decisions, especially those requiring waivers.
Experience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirements as documented in NIST 800-53 and its revisions.
Knowledge of the customer's organization, their network systems and infrastructure, processes and procedures, and request and approval tools.
DESIRED SKILLS:
Experience in scripting/program languages such as Bash, PowerShell, or Python
SECURITY CLEARANCE:Active TS/SCI with Polygraph #LI-SD1, #LI-CP1, #LI-ONSITE Looking for other great opportunities? Check out Two Six Technologies Opportunities for all our Company's current openings! Ready to make the first move towards growing your career? If so, check out the Two Six Technologies Candidate Journey ! This will give you step-by-step directions on applying, what to expect during the application process, information about our rich benefits and perks along with our most frequently asked questions. If you are undecided and would like to learn more about us and how we are contributing to essential missions, check out our Two Six Technologies News page! We share information about the tech world around us and how we are making an impact! Still have questions, no worries! You can reach us at Contact Two Six Technologies . We are happy to connect and cover the information needed to assist you in reaching your next career milestone. Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race (including traits historically associated with race, such as hair texture, hair type and protective hair styles (e.g., braids, twists, locs and twists)), color, religion, national origin, sex (including pregnancy, childbirth or related medical conditions and lactation), sexual orientation, gender identity or expression, age (40 and over), marital status, disability, genetic information, and protected veteran status or any other characteristic protected by applicable federal, state, or local law. If you are an individual with a disability and would like to request reasonable workplace accommodation for any part of our employment process, please send an email to accomodations@twosixtech.com . Information provided will be kept confidential and used only to the extent required to provide needed reasonable accommodations. Additionally, please be advised that this business uses E-Verify in its hiring practices. EOE, including disability/vets. By submitting the following application, I hereby certify that to the best of my knowledge, the information provided is true and accurate.