Information System Security Officer (ISSO)

DIRECT REPORTING : Chief Information Security Officer (CISO)

FUNCTIONAL REPORTING : Corona, CA P&L Leaders, and A&D VP of Engineering.

About CIRCOR Aerospace & Defense

CIRCOR Aerospace & Defense is focused on the design, development, and manufacture of specialty fluid and motion control products for demanding aerospace and defense applications. CIRCOR products are flying on most commercial and military aircraft, including single and twin aisle air transport, business and regional jets, military transports and fighters, and commercial and military rotorcraft. Other markets include unmanned aircraft, shipboard applications, and military ground vehicles.

Business units are in Corona, California; Warren, Massachusetts; Hauppauge, New York; Paris, France; Uxbridge, UK; and Tangier, Morocco. Parent company CIRCOR International is headquartered in Burlington, Massachusetts and CIRCOR Aerospace & Defense is headquartered in Corona, California.

POSITION DETAILS

Position Summary

CIRCOR is actively searching to identify a dynamic and impactful Information Systems Security Officer (ISSO) to assure that the sites (Corona and New York) comply with all applicable cybersecurity regulations of the Department of Defense (DoD) and to develop / enhance the protection of Controlled Unclassified Information (CUI) and the Cybersecurity Maturity Model Certification (CMMC) framework in accordance with NIST SP 800-171 and applicable DFARs. The ISSO serves as the linchpin of an organization's cybersecurity strategy, tasked with safeguarding data integrity, confidentiality, and availability. The role of an ISSO is instrumental in developing, implementing, and maintaining security protocols that align with regulatory requirements and industry standards. This role requires a blend of technical proficiency, analytical thinking, and strong leadership abilities to manage security incidents, conduct risk assessments, and ensure compliance with security policies.

The position is also responsible for the Information Assurance (IA) program as stipulated by various US Government requirements from the DoD and regulatory bodies. This person maintains the formal IS security program and policies for their assigned area of responsibility and oversees the operational information systems security implementation policy and guidelines.

The Information Security System Officer deploys, maintains, and supports on premise services. The incumbent also provides impeccable customer service by responding to customer service requests timely and accurately. Responsible for the design, implementation, maintenance, and support of CIRCOR's Intel & cloud servers, backend systems supporting the production processes for the division, as well as data storage platforms and hosted services. Provides support in maintaining service levels, and performance monitoring. Ensures that all allocated tasks and procedures are carried out effectively and efficiently to current documented standards and a

• The ISSO provides support for a program, organization, system, or enclave's information assurance program.
• Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
• Performs vulnerability / risk assessment analysis to support certification and accreditation.
• Manages changes to system and assesses the security impact of those changes.
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Maintains and updates any and all associated Plan of Action and Milestones (POAMs) documentation.
• Works with vendors to identify, troubleshoot, and resolves hardware, software, network-related, operating system issues; research and tests possible solutions and implements solutions.
• Perform daily monitoring and management of backups; monitor backup jobs, execute restore jobs, troubleshoot failed jobs, and initiate corrective actions, when necessary.
• Monitors the health of critical systems, identify trends, and present results to IT Management.
• Ensure operational stability of technologies and services supporting the lines of business.
• Lead & meet project deliverables for new and / or changes to existing technology within project requirements.
• Participate in technical integration activities in support of mergers and acquisitions.
• Complete projects to budget, timelines, quality standards and business stakeholder requirements.
• Maintain broad technical knowledge on current and emerging technologies relevant to the enterprise.
• Monitor cybersecurity compliance by performing periodic self-inspections, tests, and reviews of information systems to ensure that workstations / servers are operating as authorized / accredited and that conditions have not changed.
• Coordinate with program / project stakeholders, IT & Trade Compliance teams, Facility Security and IT team members to define, implement and maintain an acceptable information systems security posture.
• Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis, including audit & updates of air-gapped laptops.
• Preparation and maintenance of security Assessment and Authorization documentation.
• Adhere to established IT policies and standard operating procedures.
• Coordinate across other sites and seek Best Practice tools and processes in support of a rigor Cybersecurity posture.

Internal & External Relationships :

Works closely with all departments to provide a reliable infrastructure to support the business needs. Frequent communication with all levels of management and associates including IT Cybersecurity officer, Trade Compliance organization and Legal. Interaction with other ISSO across A&D sites to establish best practices and an efficient compliance process. Work closely with Customers and all governmental agencies to support the Business relationship in terms of regulation compliance.

Requirements

CANDIDATE REQUIREMENTS

Information Systems Security Officer (ISSO) Qualifications & Skills :

PAY RANGE : $90,000.00 - 112,000.00 base salary. Pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience.

CIRCOR is an EEO Employer of Females / Minorities / Veterans / Individuals with Disabilities

Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.