About this role
Technical advisor for the Information Systems (IS) security requirements necessary for the protection of all sensitive information processed, stored, and/or transmitted through the use of the IS. Interprets government requirements, prepare, validate, and maintain documentation in support of the Risk Management Framework (RMF). Also implements and oversees the program security plans, policies, and procedures necessary to ensure compliance with all company and government requirements. The Operations Strategic Capabilities Unit plays a fundamental role in enabling efficient business and program execution – from strategic capital investments, industrial operations and an efficient supply chain, to state-of-the-art manufacturing and test operations and top-notch facilities management. What You’ll Do: Perform audits of all IS, investigation anomalies, and record and report findings, as required. Coordinate and/or conduct detailed inquiries; assess potential damage; and develop, document, implement, and monitor corrective action plans. Maintain a configuration management system to track and control all components and software of an IS used in support of programs. Identify and manage the Plan of Action & Milestones (POA&Ms) through remediation as well as develop corrective action plans for each POA&M; quarterly progress reporting to management or customer(s). Identify, evaluate, and document all IS and provide guidance on what controls and countermeasures may be appropriate to mitigate vulnerabilities and threats. Schedule, conduct, and administer security tests and evaluations to ensure that all the applicable IS are operating in accordance with security requirements. Perform data spill containment and clean up per customer direction. May coordinate the response and recovery activities from information security incidents. This includes collaboration with appropriate response partners, assist with determining the root cause of cyber incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures. Promote information security awareness. Maintain a regular and predictable work schedule. Establish and maintain effective working relationships within the department, the Strategic Business Units, Strategic Capabilities Units and the Company. Interact appropriately with others in order to maintain a positive and productive work environment. Perform other duties as necessary. On-Site Work Environment: This position requires regular in-person engagement by working on-site five days each normally scheduled week in the primary work location. Travel and local commute between company campuses and other possible non-company locations may be required. Working Conditions: Work is performed in an office environment, laboratory, cleanroom, or production floor.