Information Systems Security Manager (ISSM)

Why WWT?

Fueled by creativity and ideation, World Wide Technology strives to accelerate our growth and nurture future innovation. From our world class culture, to our generous benefits, to developing innovative technology solutions, WWT constantly works towards its mission of creating a profitable growth company that is a great place to work. We encourage our employees to embrace collaboration, get creative and think outside the box when it comes to delivering some of the most advanced technology solutions for our customers.

At a glance, WWT began in 1990 in St. Louis, Missouri. Today, we employ over 7,500 individuals and closed nearly $17 Billion in revenue. We have an inclusive culture and believe our core values are the key to company and employee success. Fortune recognized WWT on "100 Best Places to Work For" list for the 12th consecutive year!

Want to work with highly motivated individuals that come together to form high performance team? Come join WWT today! We are looking for an Information Systems Security Manager (ISSM) to join our team within Public Sector.

Why should you join the Public Sector team? << >>

Our team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD) and intelligence community markets. We excel at delivering innovative, operationally ready and cost-effective IT solutions that accelerate the interoperability and resiliency of mission critical systems.

What will you be doing?

ISSM for classified Intelligence Community cloud, compute, network, and storage Managed Service Provider (MSP) environments.

Clearance: Top Secret/SCI CI Poly

Location: Chantilly, VA

Certification: DoD 8570.01M IASAE II (CISSP, CASP or CSSLP)

Responsibilities:

• ISSM: Oversee eight security authorization activities for all assets (currently 8) to ensure compliance with Risk Management Framework (RMF) policies and procedures.
• Lead team consisting of sub-contractors to complete responsibilities.
• Maintain operational security posture; perform vulnerability/risk assessment analysis
• Ensure system security measures comply with applicable government policies.
• Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
• Active member of the Program Change Advisory Board.
• Maintain thorough understanding of customer security controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).
• Draft and/or prepare and maintain security Assessment and Authorization documentation (i,e System Security Plan, Security Controls Traceability Matrix, Continuous Monitoring Plan and Certification Test Plan).
• Manage all Assessment and Authorization (A&A) activities for IS according to the System Developed Life Cycle (SDLC) of the intelligence Community Directive (ICD)-503 Risk Management Framework process.
• Overall Program Support: Assist where needed to keep the overall program successful.

Requirements:

• Active TOP SECRET SCI security clearance with CI Poly
• BS in Computer Science or equivalent field of study and 5 years related experience.
• Meet the requirements of an DoD 8570.01M IASAE Level II.
• Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.
• Cloud experience including knowledge of cloud security design, requirements analysis, control implementation, and mitigation; and experience with common service providers, such as AWS and Azure.
• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
• Knowledge of cyber defense and information security policies, procedures, and regulations (e.g., RMF).
• Knowledge of Intrusion Detection System (IDS)/Intrusion.
• Knowledge of incident response and handling methodologies.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory service.
• Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Experience working to the constraints of Federal policies, procedures, and regulations.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Heath, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

Diversity, Equity, and Inclusion is more than a commitment at WWT -- it is the foundation of what we do. Through diverse networks and pipelines, we have a clear vision: to create a Great Place to Work for All. We believe inclusion includes U. Be who U are at WWT! Equal Opportunity Employer Minorities/Women/Veterans/Individuals with Disabilities