Information Security Subject Matter Expert (Top Secret Clearance required)
Working at Hewlett Packard Enterprise (HPE) is about leading and winning the right way – for customers, for employees, and as a global citizen. We offer our global workforce the opportunities to:
- Experience what it means to win as a professional.
- Discover a mosaic of career opportunities in a culture of open doors and open minds.
- Connect with colleagues who are the best and brightest in their fields.
- Collaborate with purpose to develop products and deliver services that will change the world.
- Be part of a socially and environmentally responsible, multicultural organization.
We are committed to conducting business with the highest integrity, which means working to benefit each community in which we operate. HPE is committed to winning the right way.
Hewlett Packard Enterprise is seeking highly motivated and qualified individuals to join our team in a broad variety of positions supporting a customer at Offutt AFB. The contract will provide mission critical, integrated, operational support for the IT infrastructure essential to the current and evolving missions for the customer. The major support areas in this contract are Program Management, IT Operations and Maintenance, Engineering, and Applications Support.
Information Security SME provides subject matter knowledge, including security technologies, theories, or techniques (such as security frameworks and methodologies). Contributes to the development of innovative principles and ideas. Successfully operates in the most complex disciplines in which the company must operate to be successful. Provides highly innovative solutions. Routinely exercises independent judgment in developing methods, techniques and criteria for achieving objectives. Develops strategy and sets functional policy and direction. Ability to understand the customer’s business problem, need, or opportunity and to design an IS solution that completely and correctly addresses the business problem, need, or opportunity without unnecessary enhancements. Responsible for providing information assurance (IA), computer network defense, and technical review support to government and command operations; including, but not limited to, reviewing requirements for security related capabilities, working computer network defense (CND) and IA background and skills, analysis, correlation, and prioritization of vulnerabilities discovered in scans and vendor bulletins, monitoring of intrusion detection system and other CND tools, and providing vulnerability tracking and status reporting on vendor provide or DoD mandated patches. Working knowledge of installation, maintenance, and upgrading of OSs and applications for the server and client environment. Assists in the development and implementation of policies and procedures relating to information assurance and network security. Proactively monitors vendor and DoD IA notices and reports results. Assists in devising targeted metrics to assess performance. Understands, adheres to, and implements overall security and configuration policies. Provides advice on monthly vulnerability releases. Updates projects on an on-going basis to reflect current status of IA activities and tasks. Supports documentation, databases and reporting relating to IA assigned responsibilities. Develop and deliver presentations at senior levels for large, complex projects.
- Serves as subject matter expert, possessing in-depth knowledge of computer science, IT Operations and Security and Network Security
- Provides technical knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design, integration, documentation and implementation advice on exceptionally complex problems that need extensive knowledge of the subject matter for effective implementation.
- Applies principles, methods and knowledge of the functional area of capability to specific task order requirements, advanced mathematical principles and methods to exceptionally difficult and narrowly defined technical problems in engineering and other scientific applications to arrive at automated solutions.
- Report network incidents and threats in real time by continuous monitoring of several tools and resources.
- Perform security Information Assurance Vulnerability Alert (IAVA) patch actions as directed by the designated government Security Office.
- Implement security procedures to encompass Internet security, firewall administration, virus protection strategies, and protection from unauthorized access.
- Perform reviews of random workstation configurations, server logs, and firewall reports, for anomalies, alerts, and alarms, and forward all findings to appropriate command Cybersecurity functions.
- Handle all intrusion prevention and detection, log correlation and review, email content scanning, intelligence report review, and network anomaly detection services.
- Manage, operate, maintain and administer the network security components to meet operational, availability, and mission requirements.
- Encompasses multiple disciplines, including technology architects, solution architects, and enterprise architects
- Responsible for delivering business value to customer by architecting effective security solutions that address the customer’s business problems, needs and opportunities, in a manner consistent with HP’s strategic and business goals
- Monitors security audit and intrusion detection system logs for system and network anomalies. Investigates and/or escalates security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security. Documents and reports event(s).
- Assists in providing engineering analysis, design and support for firewalls, routers, networks and operating systems.
- Assists in performing product evaluations and recommends products/services for network security. Validates and tests basic security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
- Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
- Assists in the review and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
- Assists in providing oversight and enforcement of security directives, orders, standards, plans and procedures at server sites.
- Establish and maintain a professional working relationship at multiple levels both internally and with the customer by understanding the customer’s business context and their unique situation
- Collaborate with both internal and external/industry experts to anticipate customer needs in order to facilitate the definition and development of the solution
- Collaborate with the account team to meet or exceed revenue, product, customer satisfaction and market share goals for assigned account(s)
- Determines enterprise Cybersecurity and security standards.
- Develops and implements Cybersecurity/security standards and procedures,
- Coordinates, develops, and evaluates security programs for an organization, recommends Cybersecurity/security solutions to support customers’ requirements.
- Identifies, reports, and resolves security violations.
- Establishes and satisfies Cybersecurity and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
- Supports customers at the highest levels in the development and implementation of doctrine and policies.
- Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
- Performs analysis, design, and development of security features for system architectures.
- Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
- Designs, develops, engineers, and implements solutions that meet security requirements.
- Provides integration and implementation of the computer system security solution.
- Analyzes general Cybersecurity-related technical problems and provides basic engineering and technical support in solving these problems.
- Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
- Ensures that all information systems are functional and secure.
- Adheres to command and Department of Defense Cybersecurity Security Technical Implementation Guide (STIG) policies and conducting initial and recurring Security Authorization Packages.
- Responsible for preparing, coordinating, managing, and tracking Interim Authority to Test (IATT), Authority to Operate (ATO), and Plan of Action and Milestone (POA&M) requests and approval credentials issued by the Authorizing Official (AO), as well as System Authorization Package and Change Requests for initial and recurring authorizations.
Education and Experience Required:
- Minimum Requirements:
- Master’s degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related discipline, with a minimum of 8-12 years relevant industry experience
- Experience working with federal regulations related to information security (FISMA, Computer security Act, etc.)
- Experience in Network Administration and/or Network Security
- Willingness to roll up your sleeves and get the job done
- Ability to interact with employees at all levels
- Possess security certifications (Security , CISSP, CCNA, etc.)
- ITIL certification or equivalent
- * The candidate hired for this position must be a US Citizen with an active top secret security clearance with eligibility for SCI and with Nuclear Command and Control (NC2) eligibility. – or – must be capable of maintaining/obtaining a TS/SCI clearance with Nuclear Command and Control (NC2) eligibility, by the end of the three month phase-in period of the contract**
Knowledge and Skills:
- •In-depth understanding of IT security architectures and third party integrations
- Common understanding of the viewpoints and models required for the delivery of DoDAF Architecture Framework artifacts
- Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
- Experience working with internet, web, application and network security techniques
- Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
- Excellent verbal and written communication skills, influencing skills and ability to work effectively with a team
- Critical thinking skills, both qualitatively and quantitatively, ability to prepare a well-grounded, defensible argument
- Demonstrated technical leadership skills
- Ability to work in a complex ever changing environment with short turn around tasking internally and with the client
- Demonstrated proficiency with Microsoft Office (Word, Visio, PowerPoint, Outlook and Excel)
- Possess various operating system or hardware certifications
Meet Some of Hewlett Packard Enterprise's Employees
Business Compensation Manager
Jeremy ensures all HPE employees are properly compensated for their contributions to the company, helping to retain top talent and market leaders for the organization.
Back to top