Information Systems Security Officer ( 568983-1A )
When you join Verizon
Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Public Sector Information System Security Officer (ISSO) serves as the principal advisor on the security of a Verizon public sector Information Technology (IT) system. In support of this role the ISSO is responsible for ensuring the implementation and maintenance of security controls in accordance with the DoD Risk Management Framework (DOD RMF) and other relevant Government policies. The individual is responsible for supporting compliance activities including (but not limited to) risk management, maintaining physical and environmental protection, personnel security, incident handling, and security training and awareness. The ISSO supports the development and maintenance of boundary security policies and procedures and ensures compliance from stakeholders supporting the environment. Additionally, the ISSO supports the scanning and continuous monitoring of the IT system and develops and updates the security plan, manages and controls changes to the system, and assesses the security impact of those changes.
- Ensure that all compliance controls related to the DOD RMF and CNSSI 1253 requirements are documented and tested.
- Support the use of eMASS in the development of the DoD RMF documentation and SSP
- Support the DoD Security stack including ACAS, HBSS, Tanium and RADIX platforms.
- Ensure that all Plan of Actions and Milestones (POA&Ms) under their purview are reviewed weekly and updated when applicable
- Ensure that the protection of all media and/or memory components from the facility are properly managed.
- Ensure that all audit trails are established for the IT system, reviewed and made available on request from the Information Systems Security Manager (ISSM) or appropriate management personnel.
- Ensure that all information security audit logs are retained in accordance with the agency's policies
- Ensure that all information system security incidents are reported following the Verizon Incident Response Plan.
- Initiate and support any protective and corrective measures when an incident or vulnerability is discovered within the IT system.
Where you'll be working...
This role will be based out of any Verizon work location as listed in the posting. In this role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
What we’re looking for...
You'll need to have:
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience.
- Candidate must be able to undergo a background investigation as a condition of employment.
Even better if you have one or more of the following:
- Bachelor’s degree in a relevant field (Computer Science, MIS, and Cybersecurity).
- Five or more years of relevant ISSO or security compliance experience.
- CISSP, CISM or similar certifications and credentials or able to be obtained within 1 year.
- Direct experience supporting the NIST RMF, DoD RMF, FISMA or FedRAMP assessment and accreditation activities.
- Experience with security platforms from Cisco, Crowdstrike, CyberArk, Forgerock, Fortinet, Palo Alto, Tripwire or other relevant security vendor experience.
- Possess or be able to obtain a Government Security Clearance.
- Oral and written communication skills, and the ability to work autonomously and in a team environment.
- Experience Assessment & Authorization defined in NIST 800-37 rev 3 and developing and maintaining documentation in accordance with NIST 800-18, the NIST RMF and NIST 800-53 guidance.
- Experience Support of the DoD RMF and DoD Security Policies.
- Experience conducting regular system security audits in support of compliance with the overall System Security Plan (SSP) to maintain Authority to Operate (ATO) status.
- Experience with protective and corrective measures when a security incident or vulnerability is discovered.
- Conducted briefings on technical vulnerabilities, system non-compliance with Information Security policies, and security incidents to management in a timely fashion.
- Created presentations, training material, network diagrams, reports, and templates using Microsoft Office or a comparable office software suite.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.