Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services. The Verizon Public Sector Information System Security Officer (ISSO) serves as the principal advisor on the security of a Verizon public sector Information Technology (IT) system. The Associate ISSO is responsible for ensuring the implementation and maintenance of security controls in accordance with the Federal Information Security Management Act (FISMA), the NIST Risk Management Framework and other relevant Government policies. The individual is responsible for supporting compliance activities including (but not limited to) risk management, maintaining physical and environmental protection, personnel security, incident handling, and security training and awareness.
The AssocISSO supports the development and maintenance of boundary security policies and procedures and ensures compliance from stakeholders supporting the environment. Additionally, the Assoc ISSO supports the scanning and continuous monitoring of the IT system and develops and updates the security plan, manages and controls changes to the system, and assesses the security impact of those changes.
Ensure that all FISMA requirements are documented, updated and tested.
Ensure that all Plan of Actions and Milestones (POA&Ms) under their purview are reviewed weekly and updated when applicable
Ensure that the protection of all media and/or memory components from the facility are properly managed.
Ensure that all audit trails are established for the IT system, reviewed and made available on request from the Information Systems Security Manager (ISSM) or appropriate management personnel.
Ensure that all information security audit logs are retained in accordance with the agency's policies
Ensure that all information system security incidents are reported following the Verizon Incident Response Plan.
Initiate and support any protective and corrective measures when an incident or vulnerability is discovered within the IT system.
What we’re looking for...
You'll need to have:
Bachelor’s degree or four or more years of work experience.
Four or more years of relevant work experience.
Ability to pass a Public Trust Security Clearance.
Even better if you have:
Experience supporting Assessment & Authorization defined in NIST 800-37 rev 2 and developing and maintaining documentation in accordance with NIST 800-18 rev 1, the NIST RMF and NIST 800-53 rev 4 guidance.
Experience conducting regular system security audits in support of compliance with the overall System Security Plan (SSP) to maintain Authority to Operate (ATO) status.
Experience with protective and corrective measures when a security incident or vulnerability is discovered.
Experience briefing technical vulnerabilities, system non-compliance with Information Security policies, and security incidents to management in a timely fashion.
CISSP, CISM or similar certifications and credentials.
Direct experience supporting the NIST RMF, FISMA or FedRAMP assessment and accreditation activities
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best.Check out our diversity and inclusion page to learn more.