eWAN Information System Security Officer (ISSO) Onsite

About The Position

Requirements

• Bachelor’s Degree with 5 years of relevant experience managing and implementing security program requirements in a classified environment, or an advanced degree with 3 years of relevant experience working in a classified environment.
• Compliance-based auditing using the RMF, Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), or National Industrial Security Program Operating Manual (NISPOM).
• Certifications equivalent to or exceeding DoD 8570.01-M IAM Level I functional and baseline certification requirements.
• Knowledge and/or experience with STIGs, SCAP, Splunk, Tenable or other system hardening and compliance, vulnerability assessment, network security and/or SIEM tools.
• Active and transferable U.S. government issued security clearance is required prior to start date.​ U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance​
• DoD Clearance: Secret
• Active and existing security clearance required on day 1

Nice To Haves

• Experience working in DoD classified operating environments and/or in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF), NIST 800-53- Rev 4
• Experience with Scaled Agile Framework (SAFe) work practices.
• Experience with large multi-facility networks including various and complex components.
• Excellent oral and written communication skills with attention to detail and ability to multitask.
• Ability to adapt to rapidly changing environment and work under pressure to meet project deadlines.

Responsibilities

• The ISSO is primarily responsible for system compliance, auditing and delivering information systems security education and awareness.
• The ISSO will assist in investigating information system security violations and help prepare reports specifying corrective and preventative actions.
• Perform security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.).
• Assists in overseeing and managing the patch management process and execution across enterprise networks. Verifying the implementation of delegated aspects of the system security program.
• Ensuring audit records are collected and analyzed in accordance with the security plan.
• Individuals will develop, update, and/or review Risk Management Framework (RMF) documentation to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestone (POA&M), Risk Assessment Report (RAR), as assigned by the ISSM.
• Collaborates with CDS and peer BU ISSMs/ISSOs for alignment and sharing of best practices.

Benefits

• Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs.
• Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.
• Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays.
• Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
• Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement.
• Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.