Job Description Overview SOSi is currently seeking an experienced Information Systems Security Officer for our team in Ramstein AB, Germany. The candidate will be responsible for planning, implementation, and maintenance of security measures to protect information technology networks and systems. Works with customers, partners, stakeholders, and team members to develop and implement DoD security procedures. Essential Job Duties Analyzes and defines security requirements. Implement and enforce all AF cyber security policies, procedures, and countermeasures. Supports the system assess and authorize (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and DAF policies. Ensure all users have the requisite security clearances and need-to-know, complete annual cyber security training, and are aware of their responsibilities before being granted access to IT according to DAFMAN 17-1304. Maintain all authorized user access control documentation IAW the applicable AF Records Information Management System. Ensure software, hardware, and firmware comply with appropriate security configuration guidelines (e.g., security technical implementation guides /security requirement guides). Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval, and coordinates changes or modifications with the enclave-level ISSM or Security Control Assessor (SCA). Initiate protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered. Recommends policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data. Conducts risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Promotes awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals. Conducts systems security evaluations, audits, and reviews. Recommends systems security contingency plans and disaster recovery procedures. Recommends and implements programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures. Participates in network and systems design to ensure implementation of appropriate systems security policies. Facilitates the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. Assesses security events to determine impact and implements corrective actions. Ensures the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services. Report security incidents or vulnerabilities to the system-level ISSM according to AFI 17-203, Cyber Incident Handling. Will execute ISSO duties as outlined in DoDI 8500.01, AFI 17-101, AFI 17-1301, and AF 17-1303 for assigned network enclaves. Maintain familiarity with relevant DOD/NIST RMF publications, including NIST 800-53, 800-60, 800-37, DODI 8540.01 CDS Policy, and DOD Directive 5144.02.