American Communications Solutions and By Light Professional IT Services are recruiting dedicated and talented IT Service and Program Management Office professionals. EWOCS provides reliable high-quality communications and innovative IT solutions for the Guardians, Airmen, and Government agencies assigned to Patrick Space Force Base, Cape Canaveral Space Force Station, and Vandenberg Air Force Base. Be a part of the team that delivers excellence in national missile defense, human space flight, space launch, and combat rescue!

As an ISSO, you will be responsible for developing and implementing security measures to protect our computer systems and networks as well as ensuring the appropriate operational security posture is maintained for accredited information systems (IS) in support of the Risk Management Framework (RMF) and the terms of the IS accreditation. This position works in close collaboration with Information System Security Engineers (ISSE), Information System Security Manger (ISSM), and Information System Owner (ISO). The ideal candidate should have a solid understanding of information security principles, excellent problem-solving skills, and the ability to communicate effectively with both technical and non-technical personnel.

• Develop and maintain a comprehensive information security program to safeguard the organization's data, systems, and networks.
• Conduct regular risk assessments to identify potential security vulnerabilities and recommend appropriate countermeasures.
• Monitor and analyze security logs and reports to identify and respond to potential security incidents.
• Implement and enforce security policies and procedures to ensure the protection of sensitive information and assets.
• Conduct security audits and assist with the preparation for external security assessments.
• Coordinate incident response activities, investigate security breaches, and provide recommendations for incident mitigation.
• Stay up-to-date with the latest information security trends, technologies, and best practices to ensure continuous improvement of the organization's security posture.
• Educate and train employees on best practices for information security, data privacy, and incident response.
• Collaborate with internal and external stakeholders to address security concerns, implement security standards, and ensure compliance with regulatory requirements.
• Validate activities and controls to assess and secure information. Evaluate gaps in security and identify solutions to mitigate risk, including business processes, technical controls and policy improvements.
• Integrating information assurance requirements into system designs, ensuring program compliance with government requirements and obtaining an ATO.

• Bachelor's degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, etc.) is highly desired.
• Proven work experience as an Information Systems Security Officer or a similar role, preferably in a complex organizational setting.
• In-depth knowledge of information security principles, methodologies, and best practices.
• Familiarity with industry standards and regulations (e.g., ISO 27001, NIST 800-53, etc.).
• 5 -7 years of Information Systems experience with 5 years of Information Assurance/ Cybersecurity (IA/CS) experience.
• 5 years of experience with Risk Management Framework (RMF) DODI 8510.01.
• Experience in conducting risk assessments and implementing security controls.
• Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools.
• Strong analytical and problem-solving skills to identify security gaps and develop effective mitigation strategies.
• Excellent written and verbal communication skills to effectively communicate complex security matters to technical and non-technical audiences.
• Ability to work independently and collaborate with cross-functional teams to achieve common security goals.
• Knowledge of incident response procedures and familiarity with forensic tools is a plus.
• Knowledge of Information Security or Information technology standards.
• Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, ICS, DoD, or other Government Regulatory compliance standards within a professional industry.
• Familiarity with the AFIC RMF tool called Xacta® 360.

• Active DoD TS/SCI Clearance