Share this Job

Information Systems Security Officer

Requisition ID:  232062

  • Relocation Authorized:  National - Family
  • Grade:  25
  • Position to be Panel Interviewed?  Yes 
  • Requisition Posting End Date: 12/30/2020

SALARY RANGE: $82,740 - $126,180 annually (determined by function, education, experience, and qualifications of the applicant)

Project Background


The Pueblo Chemical Agent-Destruction Pilot Plant (PCAPP) will safely destroy 2,611 tons of mustard agent in mortar rounds and artillery projectiles stored at the U.S. Army Pueblo Chemical Depot (PCD) approximately 25 miles from Pueblo, Colorado. Neutralization followed by biotreatment is the technology selected by the Department of Defense to destroy the Pueblo chemical weapons stockpile. The PCAPP plant began the operations and munition destruction phase as of September 2016.  


Candidates for unescorted access to the Chemical Limited Area must successfully clear National Agency Check with Local Check (NACLC). All employees are subject and agree to random drug and alcohol testing as a condition of employment. Must be physically fit and able to work safely at an operating plant. Eligible applicants must be a US Citizen and successfully go through a government screening process. Based on project goals and objectives, candidates established within our local community are desirable.


Role Overview


The Pueblo Chemical Agent-Destruction Pilot Plant (PCAPP) is looking for an Information System Security Officer at the Pueblo, CO location. This position will report to the Information Systems Security Manager at the PCAPP project. This position will fulfill the role of subject matter expert for systems’ cybersecurity controls and provide specialized assistance to system stakeholders for proper configuration and management of relevant security controls. 


Trains/informs various projects’ team members regarding specific cybersecurity attributes that could affect project execution. Performs a broad range of work that requires the creative application of a wide spectrum of technical and administrative controls necessary to support the Risk Management Framework (RMF) and Federal Risk and Authorization Management Program (FedRAMP) programs. Influences policy formation relevant to own areas of expertise.


Responsible for guiding system’s stakeholders in the RMF and FedRAMP documentation efforts from creation through the final assembling of the function’s and lab’s Assessment and Authorization (A&A) package(s) for customer review and approval.


The successful candidate will be a great communicator, have the desire to work in a very dynamic environment while managing changing priorities and meeting delegated goals. This position requires an individual with an inherent desire to continually learn and improve their skillset.


This is a long-term assignment with a 9-80s schedule. The work hours are from 6:30am – 4:00pm Monday – Thursday, and 6:30am – 3:00pm every other Friday. This position may require additional overtime hours as deemed necessary.


Principle responsibilities include but are not limited to:


  • Executes work as directed by the Manager of Cybersecurity in the area of cybersecurity, information security and auditing of technical and administrative security controls.
  • Provides technical feedback, development, training and mentoring of peers as necessary to support the function’s and lab’s missions in areas of cybersecurity.
  • Provides training and support to end user customers as required.
  • Maintains project schedules as delegated by the Manager of Cybersecurity.
  • Establishes appropriate technical and administrative procedures, test procedures and auditing guidelines as directed by the Manager of Cybersecurity. 
  • Initiates and contributes to standards development and facilitates the creation of controls to support the CS program as directed by the Manager of Cybersecurity.
  • Supports the cybersecurity program by documenting how technologies and processes can be used to protect key information assets.
  • Develops procedures to implement cybersecurity policies appropriate for the systems being authorized to protect against unauthorized usage, modification, disclosure and destruction of data/systems.
  • Develops procedures to implement cybersecurity policies appropriate for the systems being authorized to protect against unauthorized usage, modification, disclosure and destruction of data/systems.
  • Supports the project’s cybersecurity awareness program and communicates where needed to reinforce goals and objectives. 
  • Participates in the computer emergency response team efforts and investigates cybersecurity related incidents as directed by the Manager of CyberSecurity.
  • Collaborates with cybersecurity peers on various projects, the ICS/LIS systems and across the project to identify, define and confirm key threats to information systems and other assets.
  • Investigate irregularities in system logs and recommend corrective actions as appropriate.
  • Perform vulnerability scans, analyze results, and recommend actions to resolve findings.
  • Participate in the configuration management (CM) process for security-relevant system changes, recommend and implement solutions as directed by the Manager of Cybersecurity.
  • As part of normal job duties, the candidate may be required to be in an on-call status to promptly respond to critical cyber related issues.


Basic Qualifications:


  • Bachelor’s degree in Information Technology or Computer Science from an accredited university and six (6) years of progressive related experience relevant to Information Technology OR Cybersecurity
  • In lieu of degree, twelve (12) years of progressive related work experience relevant to Information Technology and Cybersecurity.  
  • Must be a US citizen.
  • Must be able to obtain and maintain any security clearances required for this position according to Army Regulation 50-6 (Chemical Surety) *


Minimum Qualifications:


  • 3 years of experience with Assessment and Authorization (A&A) and/or Certification and Accreditation (C&A) process using the NIST 800-37 Rev. 1 (RMF) methodology.
  • Capability to meet DODI 8570.01-M IAM Level III certification within 6 months of employment.
  • Have a working knowledge of Windows 7, 10, Windows Server 2008 R2, 2012 R2 and Microsoft Active Directory 2008 or 2012 R2 domain and historical knowledge of Microsoft products that have passed end-of-life support.
  • Have a working knowledge of Ethernet networking using TCP/IP.
  • Have a working knowledge of common ICS/SCADA protocols supporting products from major ICS vendors.
  • Communication and interpersonal skills that enables both independent and/or team approach to assigned technical work tasks.
  • Work as part of a collaborative team and can perform independently when required to get the job completed.
  • Capable of executing work when under strict time constraints.
  • Demonstrate flexibility by working with other project sites and offering cybersecurity expertise in the creation of RMF authorization packages to support IT and/or ICS/SCADA systems.
  • Intermediate level of understanding and applying Microsoft Office Suite of applications.
  • 2 years’ experience with the following:
  • Technical Knowledge of RMF NIST 800-37 Rev. 1.
  • Technical Knowledge of NIST 800-82 Rev 2.
  • Technical Knowledge of NIST 800-53/53A Rev. 4.
  • Other FIPS and NIST 800 series guidance as it relates to supporting an RMF program.
  • Strong documentation skills using project provided templates.
  • Ability to collaborate and maintain solid working relationships with peers internal and external to the projects and the NS&E organization.


Preferred Qualifications/Certifications


  • GSLC
  • CISA
  • Experience working with:
  • Industrial Control Systems
  • Laboratory Management Systems or Air Quality Monitoring Systems


This project will be subject to the Army Regulations (AR50-6 Chemical Surety) which governs persons performing work under the Personnel Reliability Program (PRP) and Unescorted Access Program (UAP). Depending on the work performed and the access granted a government security investigation and other physical requirements such as respirators may be mandated. Eligibility to be placed in a PRP or UAP position requires US citizenship.

The following Surety Program marked with an “x” apply to this job:

_____ None / No Program

_____ This position is designated as a Chemical Duty Position and is subject to the requirements of the Chemical Personnel Reliability Program (CPRP). As a condition of employment, candidates and incumbents must favorably complete a series of screenings included but not limited to: a personnel security investigation, urinalysis testing, medical exam and respiratory screening, and must meet and maintain personnel suitability and reliability requirements established by Army Regulations.

__X__ This position is designated as an Unescorted Access Position (UAP). As a condition of employment, candidates and incumbents must favorably complete a series of screenings included but not limited to: a personnel security investigation, urinalysis testing, respiratory screening and must meet and maintain personnel suitability and reliability requirements established by Army Regulations.




At Bechtel, our employees enjoy a competitive total rewards package that includes comprehensive medical, dental, and vision plans, along with optional disability and supplemental insurance options, generous paid time off, paid holidays, paid parental leave, discretionary bonuses, and a well-designed 401K plan with matching and profit-sharing components.




Shaping tomorrow together

Bechtel is one of the most respected global engineering, construction, and project management companies. Together with our customers, we deliver landmark projects that foster long-term progress and economic growth. Since 1898, we’ve completed more than 25,000 extraordinary projects across 160 countries on all seven continents. We operate through four global businesses: Infrastructure; Nuclear, Security & Environmental; Oil, Gas & Chemicals; and Mining & Metals. Our company and our culture are built on more than a century of leadership and a relentless adherence to our values, the core of which are safety, quality, ethics, and integrity. These values are what we believe, what we expect, what we deliver, and what we live.

Bechtel is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, age, national origin, physical or mental disability, citizenship status (except as authorized by law), protected veteran status, genetic information, and any other characteristic protected by federal, state or local law.