The Information Security Specialist is a key member of the Public Sector Compliance group, at VMware focused primarily on ensuring compliance with U S. Federal requirements including FedRAMP, FISMA, and DISA Cloud SRG.
This position will be located at our Reston, Virginia location.
The Information Security Specialist will report to the Manager, Public Sector Compliance and:
- Act as the Public Sector Compliance lead for VMware cloud security offerings.
- Provide Public Sector Compliance guidance to VMware cloud security offering business units and product teams
- Work on complex problems and provide highly creative solutions
- Perform FedRAMP security requirement gap assessments on VMware cloud service offerings
- Develop FedRAMP security authorization documentation, including system security plans, contingency plans, incident response plans, configuration management plans, continuous monitoring plans, and Control Implementation Summaries/Customer Responsibility Matrices
- Perform Privacy Threshold and Privacy Impact Assessments
- Support FedRAMP 3PAO security assessments
- Work effectively as part of a geographically distributed team
- 3+ years of experience in an information security field
- Excellent written and oral communications skills
- Knowledge of security processes, best practices, and technical security implementation across various network types, including physical and Cloud and components, firewalls, intrusion detection, vulnerability management, and encryption
- Knowledge of current security standards, including:
- NIST Risk Management Framework (RMF)
- NIST Special Publications 800-53, 800-53A, 800-60
- Federal Risk and Authorization Management Program (FedRAMP)
- DoD Risk Management Framework (RMF) and Security Requirements Guide (SRG)
- Bachelor’s Degree in Information Technology, Information Systems Security, Cybersecurity, or related field
- Compliance experience with Amazon Web Services GovCloud
- Information Security Certifications such as Security+, CISSP, or CISA
- Active security clearance
- Defense Federal Acquisition Regulations Supplement (DFARS)
- Certified Authorization Professional (CAP)
- C2S experience
- Agile Methodology
- Continuous Integration/ Continuous Delivery
VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.
Read Full Description