Senior Manager, Public Sector Security Compliance

When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

The Senior Manager of Public Sector Security compliance reports to the Verizon Business Group (VBG) Public Sector ISO and is responsible for supporting the compliance of Verizon Public Sector Security Programs. This position will manage a team of Information System Security Officers (ISSO’s) supporting the compliance of Verizon Public Sector Programs. You will also act in the role of Information System Security Manager (ISSM) to provide management oversight for Verizon compliance Programs.
You will support the NIST Risk Management Framework (RMF), support for FISMA/FedRAMP, DOD RMF, CNSSI 1253, StateRAMP, CJIS, CMMC, ISO 27001 and agency specific security frameworks. You will ensure the accurate support and implementation of the compliance framework and support the following functions. Additionally, you will also support the security compliance activities related to the defend and capture process and aid in the development of complex custom proposals that require compliance with Government security requirements. You will assist legal in reviewing the compliance of all bids generated within Public Sector. You will also provide compliance support for VBG initiatives including the migration to cloud resources and business transformation.

• Support the development and implementation of a unified security certification and assurance program to maintain current certifications/compliant solutions (FISMA, CJIS, FedRAMP, DoD RMF) within Public Sector.
• Create and execute strategies to improve the reliability and security of Verizon compliance programs.
• Support the compliance of new product-specific certifications, and support for the new Department of Defense CMMC (Cybersecurity Maturity Model Certification) in order to enable profitable revenue growth and accelerate customer security assurance.
• Ensure the accuracy of accuracy of all public sector compliance programs.
• Support the development of documentation associated with Public Sector compliance programs including System Security Plan and the associated security artifacts.
• Manage ISSO resources assigned to specific Programs and ensure the compliance activities within the respective security boundaries.
• Define, implement and maintain Public Sector security policies and procedures which support team compliance activities.
• Support vulnerability audits, penetration tests, incident response, and disaster recovery activities.
• Respond to security-related incidents within contractual timeframes and provide a thorough post-event analysis.
• Advise leadership on organization's cybersecurity status and make recommendations for Program improvements.
• Institute organization-wide training in security awareness and role based security training.
• Ensure the ISSO is conducting and documenting regular Change Control meetings to review changes and the security impact to the Program.
• Ensure that all Plan of Actions and Milestone (POA&Ms) under their purview are reviewed weekly and updated when applicable.
• Ensure the ISSO is supporting the update of Program Security documents.
• Ensure the ISSO is maintaining the security M&P’s for the Program.

What we’re looking for...

You'll need to have:

• Bachelor’s degree or four or more years of work experience.
• Six or more years of relevant work experience.
• Experience managing a diverse team of individuals supporting FISMA or FedRAMP compliance activities.
• The candidate must possess or be able to obtain a Government Security Clearance.

Even better if you have one or more of the following:

• Good understanding of FISMA/FedRAMP, CNSSI 1253, NIST RMF, the NIST Cybersecurity Framework and DOD Security standards and compliance.
• A strong understanding of the RMF process defined in NIST 800-37 and developing and maintaining documentation in accordance with NIST 800-18 and NIST 800-53 guidance.
• Strong understanding of ISO/ITIL Security Engineering Frameworks and understand how to apply them to an IT environment.
• Well versed in network and security protocols and concepts including authentication, access control, audit, configuration management, patch management, vulnerability management and asset management.
• Experience conducting regular system security audits in support of compliance with the overall System Security Plan to maintain Authority to Operate status.
• Experience with protective and corrective measures when a security incident or vulnerability is discovered.
• A Bachelor’s degree in a relevant discipline or a cybersecurity degree.
• Excellent oral and written communication skills, and the ability to work autonomously and in a team environment.
• Experience managing teams of individual contributors and managing compliance Programs.

22CyberRISK

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.