Information System Security Officer

Role and Responsibilities Who We Are: CAE Vision: Our vision is to be the worldwide partner of choice in defense and security, civil aviation, and healthcare by revolutionizing our customers’ training and critical operations with digitally immersive solutions to elevate safety, efficiency and readiness. CAE Defense & Security Mission: CAE's Defense and Security business unit focuses on helping prepare military customers to develop and maintain the highest levels of mission readiness. CAE Values: Empowerment, Innovation, Excellence, Integrity and OneCAE make us who we are and we strive to make a difference in the world while helping each other succeed. What We Have to Offer: Comprehensive and competitive benefits package and flexibility that promotes work-life balance A work environment where all employees are valued, respected and safe Freedom to succeed by enabling team members to deliver, take initiatives and make decisions Recognition, professional development, advancement and having fun! Summary Implement and monitor security processes relative to NISPOM and Department of Defense (DoD) Information Security requirements. Audit information system security plans and procedures to comply with DoD and separate service regulations, directives and procedures. Function as Information System Security Officer (ISSO) IAW NISPOM, coordinate and oversee compliance of multiple IA requirements in coordination with Program Managers. Provide input and assistance as a Security Department team member. Essential Duties and Responsibilities Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Responsible for DoD collateral information systems as ISSO. Design, write and audit procedures for compliance with handling, marking, access, auditing, and logging actions as specified in NISPOM and the System Security Plan (SSP) for DSS accredited systems. Prepare, maintain, and implement SSPs, under ISSM oversight, for government approval. Establishes proactive reporting system for non-compliance, intrusion or abuse of information security procedures within classified areas and investigate and recommend corrective actions for violations to the FSO. Responsible for recurring tasks on program systems as assigned: Conduct scheduled inspections of systems/facilities that process classified information. Maintain and audit all logs and records associated with classified operation procedures. Audit security logs, reports, daily system audits, security logs and authentication features to assure security-relevant actions are properly implemented and executed. Originate, deliver and document security briefings to program personnel to include each user signing acknowledgement of responsibility for security of IS classified operations. Brief and document annual active user ID revalidation and IS Configuration Management Evaluate program proposed changes or additions to IS and advice ISSM of relevance. Provide guidance and expertise to proposal managers to define requirements for applications, installations, and program architecture for information security systems to develop Contract Data Requirements Lists for classified contract efforts. Perform and document annual risk assessment to determine if additional countermeasures are required. Provide guidance on all DOD Mission Assurance Category and confidentiality levels. Responsible for collateral material marking, shipping, inventory and safeguarding. Obtain and maintain an Authorization To Operate (ATO) for software and hardware systems connecting to NIPRNet and SIPRNet. Qualifications and Education Requirements B.S. degree in Computer Science, Computer Engineering, Information Technology, Electrical Engineering or other technical equivalent. Five years directly related experience in implementation of DOD security requirements and contractor/government information security. At least one of DoD 8570.01-M Information Assurance Management (IAM) Level II Approved Baseline Certification (CAP, CASP CE, CISM, CISSP (or Associate), GSLC, or CCISO.) Experience with NIST Special Pamphlet (SP) 800-37 Guide for Applying the Risk Management Framework, NIST SP 800-53 Rev. 5 Security and Privacy Controls for Federal Information Systems and Organizations. Experience documenting compliance/non-compliance of security controls in the Enterprise Mission Assurance Support Service (eMASS) Ability to write System Security Plans (SSP) including classified portions, acceptable to Authorizing Official and compliant with all applicable DOD Directives and Instructions. Incumbent must hold current or be eligible for DOD Personnel Security Clearance at Top Secret/SCI level. Thorough knowledge and experience with the NISPOM, DOD security related instructions and directives, specific services’ security related regulations required. Extensive experience with hardware/software platforms to include MS Windows, Linux, UNIX. Military service or military environment familiarity, customs/protocol experience preferred. Ability to communicate, interact and collaborate with management, executive personnel and military personnel including senior officer levels required. Detail oriented; work with minimal supervision, analytical and problem solving capability. Direct experience with classified DoD networks. Experience obtaining and maintaining ATO for classified network. Must maintain IAM required Certification(s). Due to U.S. Government contract requirements, only U.S. citizens are eligible for this role. Security Responsibilities Must comply with all company security and data protection / usage policies and procedures.  Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval.  All government and proprietary information will be accessed and stored electronically on company provided resources. Incumbent must be eligible for DoD Personal Security Clearance. Work Environment Duties performed in an office environment and manufacturing facility Must be able to work overtime, on and off-shifts as required Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Employee is regularly required to sit, talk or hear, in person, in meetings and by telephone Manual dexterity to operate computers or other standard office equipment; and reach with hands and arms Able to support rack mounted equipment (up to 7 feet off the ground) Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice. CAE USA Inc. is an EOE/AA employer and gives consideration for employment to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you’d like more information about your EEO rights as an applicant under the law, please click here Know Your Rights: Workplace Discrimination is Illegal. PAY TRANSPARENCY NONDISCRIMINATION PROVISION The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. Position Type Regular CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted. Equal Employment Opportunity At CAE, everyone is welcome to contribute to our success. With no exception. As captured in our overarching value "One CAE", we’re proud to work as one passionate, boundaryless and inclusive team. At CAE, all employees are welcome regardless of race, nationality, colour, religion, sex, gender identity or expression, sexual orientation, disability, neurodiversity or age. The masculine form may be used in this job description solely for ease of reading, but refers to men, women and the gender diverse. At CAE, we equip people in critical roles with the expertise and solutions to create a safer world. As a technology company, we digitalize the physical world, deploying simulation training and critical operations support solutions. Above all else, we empower pilots, airlines, defence and security forces, and healthcare practitioners to perform at their best every day and when the stakes are the highest. Around the globe, we’re everywhere customers need us to be with more than 13,000 employees in more than 200 sites and training locations in over 40 countries. CAE represents 75 years of industry firsts—the highest-fidelity flight and mission simulators, surgical manikins, and personalized training programs powered by artificial intelligence. We’re investing our time and resources into building the next generation of cutting-edge, digitally immersive training and critical operations solutions while keeping positive environmental, social and governance (ESG) impact at the core of our mission. Today and tomorrow, we’ll make sure our customers are ready for the moments that matter.