Information Security Executive Advisor – Military OneSource (FedRAMP)

Indianapolis, IN, United States

Information Security Executive Advisor – Military OneSource (FedRAMP)

Location: This position will work a hybrid model (remote and in office one day per week). Ideal candidates will live within 50 miles of one of our Pulse Point locations in Indianapolis, IN, Richmond, VA, Norfolk, VA, Atlanta, GA or Mason, OH.

The Information Security Executive Advisor – Military OneSource (FedRAMP) partners across the enterprise in driving security alignment with business objectives and providing SME-level guidance. Drives and delivers comprehensive security solutions for the AWS GovCloud environment, designing the base set of architectures that comprise both the third-party and cloud-native technologies required for foundational security design. Leads the development of policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.

How you will make an impact:

Collaborates across enterprise teams to create comprehensive security solutions, integrations, and reference architectures for security patterns that align to FedRAMP High and DoD IL 4/5 requirements.

Recommends updates to cloud security governance strategy based on NIST, Federal Government, and regulatory requirements.

Provides security-focused solution guidance to business and IT partners and participates in broader information security governance.

Works with business units to translate business strategy into discrete capabilities and help to identify security capability gaps in systems.

Provides strategic and tactical security control recommendations, operational security blueprints and roadmaps, reference architectures for security patterns, and general security technology/application assessments.

Collaborates with enterprise teams and ensure that implementation components (domain architecture, solution architecture, and technical architecture) align with architecture strategies.

Participates in the Cloud Governance processes and community of practice.

Proposes opportunities to improve security outcomes and reduce risks based on targeted or continuous assessments and evolving threat drivers.

Defines, communicates, and drives security controls matrix design and implementation, and monitor compliance to enterprise-level security standards.

Designs, analyzes, and implements testing plans to ensure security guardrails cannot be compromised.

Establishes strategic vendor relationships for security products and services.

Develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements.

Manages the selection and delivery of strategic network security, access control and secure transaction/messaging solutions.

Establishes architecture oversight and planning for information and network security technologies.

Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations.

Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the enterprise.

Provides technical guidance and leadership to the technical engineers within the organization.

Participates in the design of the enterprise architecture.

Proposes opportunities to improve results based on targeted or continuous assessment.

Participates in enterprise planning activity, including vendor assessment, technology platform selection and retirement, prioritization, and integration.

Minimum Requirements:

BS/BA in Information Technology or related field of study and a minimum of 10 years of experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.

U.S. Citizenship is required for this position as it will support the Department of Defense Military OneSource program.

Preferred Skills, Capabilities and Experiences:

Experience as an authorized FedRAMP consultant, with expertise in FedRAMP and DoD security standards strongly preferred.

Experience with legal/regulatory requirements such as PCI-DSS, HIPAA, NIST, FISMA, etc. strongly preferred.

Experience in automated integration with ticketing and asset management systems strongly preferred.

Security certifications with a specific focus on AWS Cloud professional certifications as well as CISSP, CCSP, and other advanced technical security certifications strongly preferred.

5+ years of experience in Information Security-focused efforts, with demonstrated ability to distill complex security problems and drive toward creative solutions while complying with enterprise policies strongly preferred.

Experience in implementing DevOps automation with Terraform and Ansible following Infrastructure as Code (IaC) concept strongly preferred.

Strong knowledge on CI/CD processes and tools strongly preferred.

Experience deploying, configuring, and automating CI/CD Release pipeline with CI/CD tools such as Jenkins, Bamboo, Git, Maven/Gradle, Sonar, Artifactory, Jira, Checkmarx, RabbitMQ strongly preferred.

Common DevOps scripting languages (Python, BASH, Node.JS, etc.) strongly preferred.

Experience in centralized controls and reporting for security-focused logging and monitoring, with a focus on Splunk/SIEM integration preferred.

REST, JSON, YAML, SOAP/XML web services experience preferred.

Strong understanding of Cloud Security governance, including but not limited to Organization Policies, Assured Workloads, and Security Command Center Premium preferred.

Experience with the Mitre ATT&CK framework and detection logic driven by threat intelligence preferred.

Highly proficient with Palo Alto/Panorama and general network security expertise, with a focus on both the web content filtering, IDS/IPS, and OFAC Geoblock capabilities that Palo Alto offers for ingress points as well as Istio and mutual TLS authentication with SPIFFE Spire preferred.

Experience with VPC Service Controls, and able to identify and configure for use cases related to GKE workloads preferred.

Experience with workload identity federation, specifically as required for service accounts, with strong knowledge of service account controls, vaulting, and best practices preferred.

Demonstrated ability to communicate clearly with all constituents, serving as a mentor and SME preferred.

Experience with automated security validation and event-driven automation preferred.

Clear understanding of overall systems architecture and how to leverage specific components preferred.

Understanding of Cloud infrastructure environments and the challenges associated with enterprise integration, with demonstrated ability to grasp and contribute to big-picture strategy preferred.

This job is assigned to an entity that conducts government business, the applicant and incumbent fall under a `sensitive position' work designation and is subject to additional requirements beyond those associates outside Government Business Divisions. Requirements include, but are not limited to, obtaining and maintaining a 'Secret level security clearance', which entails more stringent and frequent background checks, segregation of duties principles, role specific training, monitoring of daily job functions, and sensitive data handling instructions. Associates in these jobs must follow the specific policies, procedures, guidelines, etc. as stated by the Government Business Division in which they are employed.

#J-18808-Ljbffr