Cybersecurity Compliance Engineer

Why WWT?

Founded in 1990, World Wide Technology (WWT), a global technology solutions provider leading the AI and Digital Revolution, with $20 billion in annual revenue, combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for large public and private organizations around the world. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps customers and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.

With over 10,000 employees and more than 55 locations around the world, WWT’s culture, built on a set of core values and established leadership philosophies, has been recognized 13 years in a row by Fortune and Great Places to Work® for its unique blend of determination, innovation and creating a great place to work for all.

Want to work with highly motivated individuals on high-performance teams? Join WWT today!

Why should you join the Public Sector team? https://www.wwt.com/public-sector >>

Our team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD) and intelligence community markets. We excel at delivering innovative, operationally ready and cost-effective IT solutions that accelerate the interoperability and resiliency of mission critical systems.

Work Location: Chantilly, VA

Clearance: Top Secret/SCI CI Poly

What will you be doing?

Cybersecurity Compliance Engineer for classified Intelligence Community cloud, compute, network, and storage Managed Service Provider (MSP) environments.

Responsibilities:

• Candidate to perform security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures; assist Information Assurance (IA) team in maintaining operational security posture; perform vulnerability/risk assessment analysis; provides configuration change management (CM) expertise for information system security software, hardware, and firmware and supports Change Advisory Board (CAB) meetings.
• Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies.
• Identify, assess, and recommend cyber security products for use within an operational environment.
• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.
• Maintain operational security posture for an information system or program.
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.
• Provide Configuration Management input for security-relevant information system software, hardware, and firmware; Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plan)
• Overall Program Support: Assist where needed to keep the overall program successful.

,

Requirements:

• Active TOP SECRET SCI security clearance with CI Poly
• BS in Computer Science or equivalent field of study and 5 years related experience.
• Meet the requirements of an DoD 8570.01M IASAE Level II.
• Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.
• Cloud experience including knowledge of cloud security design, requirements analysis, control implementation, and mitigation; and experience with common service providers, such as AWS and Azure.
• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
• Knowledge of cyber defense and information security policies, procedures, and regulations (e.g., RMF).
• Knowledge of Intrusion Detection System (IDS)/Intrusion.
• Knowledge of incident response and handling methodologies.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory service.
• Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Experience working to the constraints of Federal policies, procedures, and regulations.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a workplace culture that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!