Cyber Security ISSM with Security Clearance
Why WWT? At World Wide Technology, we work together to make a new world happen.
Our important work benefits our clients and partners as much as it does our people and communities across the globeWWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for AllWe achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clientsWWT was founded in 1990 in StLouis, MissouriWe employmore than10,000 peoplegloballyand closed nearly $20 billion in revenue in 2023We have an inclusive culture and believe our core values are the key to company and employee successWWT is proudto have been included onthe FORTUNE 100 Best Places to Work For list 12 years in a row! Want to work with highly motivated individuals on high-performance teams? Join WWT today! What is the Solutions Consulting & Engineering (SC&E) Team and why join? Solutions Consulting & Engineering is an organization that is Customer Focused and Solutions LedWe deliver end-to-end (E2E) and emerging solutions to drive customer satisfaction, increase profitability and growthOur success is enabled by our world-class management consulting, delivery excellence and engineering brillianceWe embody the OneWWT mindset by bringing the right talent at the right time from anywhere within WWT to solve our customer's problemsOur goal is to bring together business acumen with full-stack technical know-how to develop innovative solutions for our clients' most complex challengesLocation:
San Antonio, TX What will you be doing? The Information Systems Security Manager is responsible for the cybersecurity of a program, organization, system, or enclaveProvide guidance for security systems, evaluates networks for security vulnerabilities, manages anti-virus and firewall systems, and conducts computer patch management, intrusion detection, and data encryption
Responsibilities:
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
Advise senior management (e.
g.
, CIO) on risk levels and security posture.
Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
Collect and maintain data needed to meet system cybersecurity reporting.
Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
Continuously validate the organization against policies/guidelines/procedures/ regulations/laws to ensure compliance.
Ensure security improvement actions are evaluated, validated, and implemented as required.
Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
Identify alternative information security strategies to address organizational security objective.
Identify information technology (IT) security program implications of new technologies or technology upgrades.
Interpret patterns of non-compliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Manage the monitoring of information security data sources to maintain organizational situational awareness.
Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
Identify security requirements specific to an information technology (IT) system in all phases of the System Life Cycle.
Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Oversee the information security training and awareness program.
Participate in an information security risk assessment during the Security Assessment and Authorization process.
Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Provide system related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents.
Recognize a possible security violation and take appropriate action to report the incident, as required.
Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
Track audit findings and recommendations to ensure appropriate mitigation actions are taken.
Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
Support necessary compliance activities (e.
g.
, ensure system security configuration guidelines are followed, compliance monitoring occurs)
Qualifications:
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.
Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
Knowledge of risk management processes (e.
g.
, methods for assessing and mitigating risk).
Knowledge of current and emerging threats/threat vectors.
Knowledge of applicable laws (e.
g.
, Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties, and privacy laws), statutes (e.
g.
, in Titles 10, 18, 32, 50 in U.
SCode), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed.
Knowledge of an organization's information classification program and procedures for information compromise.
Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of data backup, types of backups (e.
g.
, full, incremental), and recovery concepts and tools.
Knowledge of disaster recovery continuity of operations plans.
Knowledge of host/network access control mechanisms (e.
g.
, access control list).
Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
Knowledge of incident response and handling methodologies.
Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies.
Knowledge of Risk Management Framework (RMF) requirements.
Knowledge of server administration and systems engineering theories, concepts, and methods.
Knowledge of information security program management and project management principles and techniques.
Knowledge of organization's risk tolerance and/or risk management approach.
Knowledge of enterprise incident response program, roles, and responsibilities.
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.
g.
, application of defense-in-depth).
10
years' experience in Cyber Security/IT Bachelor's Degree or Higher in Cybers Security or related field Security
CE, CASP, or CySA+, CISSP or CISM Security Clearance:
Top Secret/SCI with potential for higher read-ins.
Want to learn more about our Government Services team? Check us out on our platform:
https:
//www.
wwt.
com/public-sector https:
//www.
wwt.
com/government-services The well-being of WWT employees is essentialSo, when it comes to our benefits package, WWT has one of the bestWe offer the following benefits to all full-time employees:
Health and Wellbeing:
Heath, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness programo Financial
Benefits:
Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursemento Paid Time Off:
PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavemento Additional Perks:
Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount ProgramEqual Opportunity Employer Minorities/Women/Veterans/Individuals with Disabilities Recommended Skills Access Control List Administration Architecture Auditing Certified Information Security Manager Certified Information Systems Security Professional Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3n4mv6jgpxdwwsxylf', 'ExternalApply-j3n4mv6jgpxdwwsxylf'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
Our important work benefits our clients and partners as much as it does our people and communities across the globeWWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for AllWe achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clientsWWT was founded in 1990 in StLouis, MissouriWe employmore than10,000 peoplegloballyand closed nearly $20 billion in revenue in 2023We have an inclusive culture and believe our core values are the key to company and employee successWWT is proudto have been included onthe FORTUNE 100 Best Places to Work For list 12 years in a row! Want to work with highly motivated individuals on high-performance teams? Join WWT today! What is the Solutions Consulting & Engineering (SC&E) Team and why join? Solutions Consulting & Engineering is an organization that is Customer Focused and Solutions LedWe deliver end-to-end (E2E) and emerging solutions to drive customer satisfaction, increase profitability and growthOur success is enabled by our world-class management consulting, delivery excellence and engineering brillianceWe embody the OneWWT mindset by bringing the right talent at the right time from anywhere within WWT to solve our customer's problemsOur goal is to bring together business acumen with full-stack technical know-how to develop innovative solutions for our clients' most complex challengesLocation:
San Antonio, TX What will you be doing? The Information Systems Security Manager is responsible for the cybersecurity of a program, organization, system, or enclaveProvide guidance for security systems, evaluates networks for security vulnerabilities, manages anti-virus and firewall systems, and conducts computer patch management, intrusion detection, and data encryption
Responsibilities:
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
Advise senior management (e.
g.
, CIO) on risk levels and security posture.
Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
Collect and maintain data needed to meet system cybersecurity reporting.
Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
Continuously validate the organization against policies/guidelines/procedures/ regulations/laws to ensure compliance.
Ensure security improvement actions are evaluated, validated, and implemented as required.
Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
Identify alternative information security strategies to address organizational security objective.
Identify information technology (IT) security program implications of new technologies or technology upgrades.
Interpret patterns of non-compliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Manage the monitoring of information security data sources to maintain organizational situational awareness.
Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
Identify security requirements specific to an information technology (IT) system in all phases of the System Life Cycle.
Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Oversee the information security training and awareness program.
Participate in an information security risk assessment during the Security Assessment and Authorization process.
Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Provide system related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents.
Recognize a possible security violation and take appropriate action to report the incident, as required.
Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
Track audit findings and recommendations to ensure appropriate mitigation actions are taken.
Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
Support necessary compliance activities (e.
g.
, ensure system security configuration guidelines are followed, compliance monitoring occurs)
Qualifications:
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.
Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
Knowledge of risk management processes (e.
g.
, methods for assessing and mitigating risk).
Knowledge of current and emerging threats/threat vectors.
Knowledge of applicable laws (e.
g.
, Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties, and privacy laws), statutes (e.
g.
, in Titles 10, 18, 32, 50 in U.
SCode), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed.
Knowledge of an organization's information classification program and procedures for information compromise.
Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of data backup, types of backups (e.
g.
, full, incremental), and recovery concepts and tools.
Knowledge of disaster recovery continuity of operations plans.
Knowledge of host/network access control mechanisms (e.
g.
, access control list).
Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
Knowledge of incident response and handling methodologies.
Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies.
Knowledge of Risk Management Framework (RMF) requirements.
Knowledge of server administration and systems engineering theories, concepts, and methods.
Knowledge of information security program management and project management principles and techniques.
Knowledge of organization's risk tolerance and/or risk management approach.
Knowledge of enterprise incident response program, roles, and responsibilities.
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.
g.
, application of defense-in-depth).
10
years' experience in Cyber Security/IT Bachelor's Degree or Higher in Cybers Security or related field Security
CE, CASP, or CySA+, CISSP or CISM Security Clearance:
Top Secret/SCI with potential for higher read-ins.
Want to learn more about our Government Services team? Check us out on our platform:
https:
//www.
wwt.
com/public-sector https:
//www.
wwt.
com/government-services The well-being of WWT employees is essentialSo, when it comes to our benefits package, WWT has one of the bestWe offer the following benefits to all full-time employees:
Health and Wellbeing:
Heath, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness programo Financial
Benefits:
Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursemento Paid Time Off:
PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavemento Additional Perks:
Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount ProgramEqual Opportunity Employer Minorities/Women/Veterans/Individuals with Disabilities Recommended Skills Access Control List Administration Architecture Auditing Certified Information Security Manager Certified Information Systems Security Professional Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3n4mv6jgpxdwwsxylf', 'ExternalApply-j3n4mv6jgpxdwwsxylf'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
