Information Systems Security Manager (Government)

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

AT&T Global Public Sector is a trusted provider of secure IP enabled cloud-based network solutions and professional services to theFederal Government. We are dedicated to recruiting developing and empowering a diverse high-performing workforce that is passionate about what they do committed to our shared values and dedicated to our customers mission.

Our Defense Team supports the DoD CloudBased Internet Isolation (CBII) capability delivering secure internet access to a global DoD user base.

AT&T has an opening for an Information Systems Security Manager to support the Defense Information Systems Agency (DISA) in providing IT services and connectivity in a Department of War (DoW) environment.

Job Duties/Responsibilities:

• Support the Program Manager in execution of contractual compliance.
• Develop and maintain Assessment & Authorization (A&A) artifacts including Authority to Operate (ATO) packages (Interim ATOs continuous ATOs)
• Oversee adherence to NIST SP 800-53 controls and DoD Cloud Security Requirements Guide (SRG); ensure compliance with Security Technical Implementation Guides (STIGs) and cloud security policies.
• Conduct continuous monitoring (log audits vulnerability scans); track and drive remediation of open Plans of Action & Milestones (POA&M) related to identified security weaknesses.
• Plan and execute Security Test & Evaluation (ST&E) activities; validate the platforms security posture through penetration tests STIG checks and compliance assessments.
• Compile and report weekly vulnerability status and compliance posture; coordinate with engineering and ops teams for timely patching and mitigation actions.
• Participate in Change Control Boards (CCB) to assess security impacts; ensure any data breaches or incidents are reported and lead follow-up investigations in line with DoD cybersecurity incident handling requirements.
• Develop and update the Cyber Threat Security Plan and other security policy documents; implement supply chain risk management measures consistent with program requirements.
• Support the programs CMMC Level 2 readiness coordinating self-assessments or third-party audits; manage evidence collection and closure of any compliance gaps.

Required Clearance:

Secret (#secret)

Required Qualifications:

• Experience supporting DoD or DISA IT service programs.
• One or more of the following DODD 8570.01/8140 certifications: CISM CISSP CISSP-ISSMP FITSP-M GCIA GCIH GICSP GSLC
• Experience with continuous monitoring eMASS STIGs and vulnerability management

Desired Qualifications:

• Familiarity with FedRAMP requirements and cloud security architecture

Weekly Hours:

Time Type:

Location:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age color national origin citizenship status physical or mental disability race religion creed gender sex sexual orientation gender identity and/or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local addition AT&T will provide reasonable accommodations for qualified individuals with disabilities.AT&T is a fair chance employer and does not initiate a background check until an offer is made.