Cybersecurity Compliance Engineer

Why WWT?

Fueled by creativity and ideation, World Wide Technology strives to accelerate our growth and nurture future innovation. From our world class culture to our generous benefits, to developing innovative technology solutions, WWT constantly works towards its mission of creating a profitable growth company that is a wonderful place to work. We encourage our employees to embrace collaboration, get creative and think freely when it comes to delivering some of the most advanced technology solutions for our customers.

At a glance, WWT began in 1990 in St. Louis, Missouri. Today, we employ over 10,000 individuals and closed nearly $20 Billion in revenue. We have an inclusive culture and believe our core values are the key to company and employee success. Fortune recognized WWT on "100 Best Places to Work For" list for the 12th consecutive year!

Want to work with highly motivated individuals that come together to form high performance team? Come join WWT today! We are looking for an Information Systems Security Engineer (ISSE) to join our team within Public Sector.

Why should you join the Public Sector team? <>

Our team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD) and intelligence community markets. We excel at delivering innovative, operationally ready, and cost-effective IT solutions that accelerate the interoperability and resiliency of mission critical systems.

What will you be doing?

Cybersecurity Compliance Engineer for classified Intelligence Community cloud, compute, network, and storage Managed Service Provider (MSP) environments.

Location: Chantilly, VA

Clearance: TS/SCI CI Poly

Responsibilities:

• Candidate to perform security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures; assist Information Assurance (IA) team in maintaining operational security posture; perform vulnerability/risk assessment analysis; provides configuration change management (CM) expertise for information system security software, hardware, and firmware and supports Change Advisory Board (CAB) meetings.

• Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies.

• Identify, assess, and recommend cyber security products for use within an operational environment.

• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.

• Maintain operational security posture for an information system or program.

• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.

• Provide Configuration Management input for security-relevant information system software, hardware, and firmware; Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plan)

• Overall Program Support: Assist where needed to keep the overall program successful.

Requirements:

• Active TOP SECRET SCI security clearance with CI Poly

• BS in Computer Science or equivalent field of study and 5 years related experience.

• Meet the requirements of an DoD 8570.01M IASAE Level II.

• Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.

• Cloud experience including knowledge of cloud security design, requirements analysis, control implementation, and mitigation; and experience with common service providers, such as AWS and Azure.

• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).

• Knowledge of authentication, authorization, and access control methods.

• Knowledge of key concepts in security management (e.g., Release Management, Patch Management).

• Knowledge of cyber defense and information security policies, procedures, and regulations (e.g., RMF).

• Knowledge of Intrusion Detection System (IDS)/Intrusion.

• Knowledge of incident response and handling methodologies.

• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory service.

• Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

• Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.

• Experience working to the constraints of Federal policies, procedures, and regulations.

Diversity, Equity, and Inclusion is more than a commitment at WWT - it is the foundation of what we do. Through diverse networks and pipelines, we have a clear vision: to create a Great Place to Work for All. We believe inclusion includes U. Be who U are at WWT!

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program

• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement

• Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement

• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discounts

World Wide Technology, Inc. offers excellent benefits and competitive compensation. Visit our company web page at www.wwt.com for more information.

Equal Opportunity Employer Minorities/Women/Veterans/Differently abled