ISSO IT Security Services Manager

ISSO IT Security Services Manager

This role has been designed as ''Onsite' with an expectation that you will primarily work from an HPE office.

Who We Are:

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work.

We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world.

Our culture thrives on finding new and better ways to accelerate what's next.

We know varied backgrounds are valued and succeed here.

We have the flexibility to manage our work and personal needs.

We make bold moves, together, and are a force for good.

If you are looking to stretch and grow your career our culture will embrace you.

Open up opportunities with HPE.

Job Description:

Hewlett Packard Enterprise (HPE) seeks an experienced Information System Security Officer (ISSO) to support classified systems in a mission-driven environment.

The ISSO will be responsible for implementing, maintaining, and monitoring the security posture of accredited information systems, ensuring compliance with DoD/IC security policies and procedures, and supporting continuous authorization and risk management activities.

This position requires an active TS/SCI clearance with polygraph and hands-on experience supporting the Risk Management Framework (RMF) process and the DoD Information Assurance Certification and Accreditation Process (DIACAP).

You will be required to be onsite as required by the contract/customer at the Annapolis Junction, MD facility.

Key Responsibilities:


* Serve as the designated ISSO and primary point of contact for assigned IC/DoD mission systems, owning system security posture, assignment of security technical implementation guides (STIGs), RMF/accreditation activities, and coordination with Government stakeholders (Authorizing Officials, Security Control Assessors, ISSMs, and external auditors).


* Manage configuration management processes to ensure integrity, traceability, and secure state of system baselines and authorized changes throughout the system lifecycle.


* Develop, maintain, and manage RMF accreditation documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessment Reports (RARs), Plans of Action & Milestones (POA&Ms), and Interconnection Security Agreements (ISAs).


* Execute continuous monitoring activities-vulnerability scanning, patch/configuration management, baseline assurance, and log/telemetry analysis-and coordinate remediation to mitigate risk.


* Plan and coordinate security control assessments, compliance inspections, and audits; manage remediation tracking, risk acceptance, and engagement with Authorizing Officials to achieve and maintain Authority to Operate (ATO).


* Develop, implement, and exercise Incident Response Plans (IRPs); lead incident triage, containment, r...