We're seeking dedicated and motivated individuals with Systems Administration, Software Development, or Systems Engineering backgrounds to join our team as an Information System Security Officer (ISSO). You will collaborate with other Palantir engineers to ensure security policies and settings are in place, build standardized security documentation, and generate evidence of compliance once settings have been applied. Our mission is deploying software in support of our customers' most critical needs as quickly as possible while upholding the government's trust. We achieve this through close consultation with stakeholders and direct ownership of the Authorization to Operate (ATO) process.

 

Responsibilities:

Achieve ATOs for Palantir software across multiple government customers with minimal oversight. Partner with engineers to analyze software, interpret security requirements, and plan effective control implementations. Provide outstanding customer service, policy expertise, and high-quality documentation. Serve as the primary in-person point of contact for one or more U.S. Government customers on cybersecurity and compliance requirements and questions. Independently interpret the findings of vulnerability scanning utilities such as ACAS (Tenable Nessus) and SCAP (STIG benchmark) and manage a Plan of Actions and Milestones (POA&M) for remediation of findings.

 

Qualifications:

Active U.S. DoD Top Secret clearance with SCI eligibility. Active DOD 8140 or 8570 Certification (e.g. CISSP or Security+). Active IAT II certification. Minimum 2 years experience directly supporting a customer’s ATO/RMF process. Proven experience using the eMASS or XACTA accreditation management software systems. Proficiency in interpreting and communicating government policy to a diverse audience. Ability to multitask under pressure, using time management and organizational skills. Specific experience working in both traditional on premises environments and cloud environments such as Amazon Web Services (AWS). Experience accrediting IT systems against U.S. Government standards including NIST SP 800-53, CNSSI 1253, and the DISA STIGs, using frameworks like DOD RMF, ICD 503, or DIACAP. Initiative in proactively identifying problems before they arise and creativity in proposing solutions.