As an Information Systems Security Officer, you will play a critical role in shaping classified, closed, or air-gapped environments in which to deploy Anduril products or software. You will be well-versed in a combination of Information Technology, Security, and government accreditation processes, and will utilize your sharp critical thinking skills to balance Business Line needs, product velocity, and customer requirements.

Responsibilities:

• Provide expertise in documenting security controls that apply to respective systems to meet cybersecurity framework requirements.
• Perform required security functions on an iterative basis to meet requirements and deliver results.
• Apply technology standards from the commercial space in classified, air-gapped environments.
• Assist the ISSM, fellow ISSOs, and other members of the Classified Infrastructure team to understand key stakeholders' needs and provide complex technical solutions to meet contractual obligations.
• Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs.
• Define, document, and conduct security scanning on Anduril's products and accredited information systems.
• Scope, shape, and orchestrate the development of features to ensure products meet compliance goals.

Requirements:

• Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards.
• Participate and assist in security risk assessments, vulnerability assessments, and audits to identify and mitigate threats.
• Speak to and recommend security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies.
• Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems.
• Maintain and update System Security Plans (SSPs), POA&Ms, and other accreditation documentation.
• Manage the organization's security posture, ensuring compliance with internal policies and external regulatory frameworks.
• Participate in the Authorization and Accreditation (A&A) processes to obtain/maintain system Authority to Operate (ATO).
• Able to assist, even lead, incident response efforts, including investigation, root cause analysis, containment, and reporting.
• Conduct regular audits, continuous monitoring, and risk assessments to ensure ongoing compliance and system resilience.
• Collaborate with government security officials, stakeholders, and teams to address security gaps and improve controls.
• Currently possesses and is able to maintain an active U.S. Top Secret security clearance.

Preferred Qualifications:

• Experience with industry standard tools such as Splunk, DISA STIGs, and SCC.
• The ability to understand programming/scripting languages, i.e. Python, Powershell, Bash
• An understanding of Linux Red Hat operating systems and SELinux policy.

XML job scraping automation by YubHub