REQUIREMENTS:

• Active TOP SECRET SCI security clearance with CI Poly
• BS in Computer Science or equivalent field of study and 5 years related experience.
• Meet the requirements of an DoD 8570.01M IASAE Level II.
• Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.
• Cloud experience including knowledge of cloud security design, requirements analysis, control implementation, and mitigation; and experience with common service providers, such as AWS and Azure.
• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
• Knowledge of cyber defense and information security policies, procedures, and regulations (e.g., RMF).
• Knowledge of Intrusion Detection System (IDS)/Intrusion.
• Knowledge of incident response and handling methodologies.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory service.
• Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Experience working to the constraints of Federal policies, procedures, and regulations.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a workplace culture that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

LI-MP1

WHAT WILL YOU BE DOING?

Cybersecurity Compliance Engineer for classified Intelligence Community cloud, compute, network, and storage Managed Service Provider (MSP) environments.

RESPONSIBILITIES:

• Candidate to perform security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures; assist Information Assurance (IA) team in maintaining operational security posture; perform vulnerability/risk assessment analysis; provides configuration change management (CM) expertise for information system security software, hardware, and firmware and supports Change Advisory Board (CAB) meetings.
• 
  
  
  
• Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies.

• Identify, assess, and recommend cyber security products for use within an operational environment.
• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.
• Maintain operational security posture for an information system or program.
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.
• Provide Configuration Management input for security-relevant information system software, hardware, and firmware; Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plan)
• Overall Program Support: Assist where needed to keep the overall program successful.