Information System Security Officer (ISSO)

Employer: CIRCOR International, Inc
Location: Corona, California
Posted: Dec 06, 2023
Closes: Dec 10, 2023
Ref: 2688301149
Discipline: Engineering, Systems
Position Type: Other
Specialty: Autonomy
Hours: Full Time
Organization Type: Corporate

BUSINESS: CIRCOR Aerospace & Defense Corona and New York Sites

LOCATION: Corona, CA

DIRECT REPORTING: Chief Information Security Officer (CISO)

FUNCTIONAL REPORTING: Corona, CA P&L Leaders, and A&D VP of Engineering.

About CIRCOR Aerospace & Defense

CIRCOR Aerospace & Defense is focused on the design, development, and manufacture of specialty fluid and motion control products for demanding aerospace and defense applications. CIRCOR products are flying on most commercial and military aircraft, including single and twin aisle air transport, business and regional jets, military transports and fighters, and commercial and military rotorcraft. Other markets include unmanned aircraft, shipboard applications, and military ground vehicles.

Business units are in Corona, California; Warren, Massachusetts; Hauppauge, New York; Paris, France; Uxbridge, UK; and Tangier, Morocco. Parent company CIRCOR International is headquartered in Burlington, Massachusetts and CIRCOR Aerospace & Defense is headquartered in Corona, California.

POSITION DETAILS

Position Summary

This role is responsible for the cybersecurity compliance of a program, organization, system, or enclave. The main role of this position is to ensure that the sites (Corona and New York) comply with all applicable regulations of the Department of Defense (DoD) in the conduct of their business activities and to develop/enhance the protection of Controlled Unclassified Information (CUI) and the Cybersecurity Maturity Model Certification (CMMC) framework in accordance with NIST SP 800-171 and applicable DFARS.

The position is also responsible for the Information Assurance (IA) program as stipulated by various US Government requirements from the DoD and regulatory bodies. This person maintains the formal IS security program and policies for their assigned area of responsibility and oversees the operational information systems security implementation policy and guidelines.

The Information System Security Officer deploys, maintains, and supports on-premises services. The incumbent also provides impeccable customer service by responding to customer service requests promptly and accurately. Responsible for the design, implementation, maintenance, and support of CIRCOR's Intel & cloud servers, backend systems supporting the production processes for the division, as well as data storage platforms and hosted services. Provides support in maintaining service levels and performance monitoring. Ensures that all allocated tasks and procedures are carried out effectively and efficiently to current documented standards and agreed levels of service.
  • The ISSO provides support for a program, organization, system, or enclave's information assurance program.
  • Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
  • Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
  • Performs vulnerability/risk assessment analysis to support certification and accreditation.
  • Manages changes to the system and assesses the security impact of those changes.
  • Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
  • Maintains and updates all associated Plan of Action and Milestones (POAMs) documentation.
  • Works with vendors to identify, troubleshoot, and resolve hardware, software, network-related, and operating system issues; researches and tests possible solutions and implements them.
  • Perform daily monitoring and management of backups; monitor backup jobs, execute restore jobs, troubleshoot failed jobs, and initiate corrective actions, when necessary.
  • Monitors the health of critical systems, identifies trends, and presents results to IT Management.
  • Ensure operational stability of technologies and services supporting the lines of business.
  • Lead and meet project deliverables for new technology and/or changes to existing technology within project requirements.
  • Participate in technical integration activities in support of mergers and acquisitions.
  • Complete projects to budget, timelines, quality standards and business stakeholder requirements.
  • Maintain broad technical knowledge on current and emerging technologies relevant to the enterprise.
  • Monitor cybersecurity compliance by performing periodic self-inspections, tests, and reviews of information systems to ensure that workstations/servers are operating as authorized/accredited and that conditions have not changed.
  • Coordinate with program/project stakeholders, IT & Trade Compliance teams, Facility Security and IT team members to define, implement and maintain an acceptable information systems security posture.
  • Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis, including audit & updates of air-gapped laptops.
  • Preparation and maintenance of security Assessment and Authorization documentation.
  • Adhere to established IT policies and standard operating procedures.
  • Coordinate across other sites and seek best-practice tools and processes in support of a rigorous cybersecurity posture.

Internal & External Relationships:

Works closely with all departments to provide a reliable infrastructure to support the business needs. Frequent communication with all levels of management and associates, including the IT Cybersecurity officer, the Trade Compliance organization, and Legal. Interaction with other ISSOs across A&D sites to establish best practices and an efficient compliance process. Works closely with customers and all governmental agencies to support the business relationship in terms of regulatory compliance.

CANDIDATE REQUIREMENTS

• Three (3) to five (5) years' IT experience
• Bachelor's degree in Computer Science preferred
• Extensive experience in CMMC and NIST SP 800-171 implementation
• US Security Clearance preferred
• Candidate must demonstrate experience interpreting and applying government security regulations such as NIST, NISPOM, JSIG, ICDs to information systems while performing basic troubleshooting methods, risk management, and information system security principles on a routine basis.
• Candidate must be highly organized and self-motivated with excellent documentation skills and the ability to work with minimal supervision
• Candidate should be able to communicate effectively with customers and team members at all levels.
• Experience working / communicating directly with government customers.
• Ability to work independently within a schedule and with little direction
• Strong technical writing
• Should have significant hands-on experience implementing security, hardware, software, and network components
• Must be a U.S. citizen.

CIRCOR is an EEO Employer of Females / Minorities / Veterans / Individuals with Disabilities