Information Security Specialist

    • Reston, VA



Job Description

Why will you enjoy this new opportunity?

We need someone who understands FedRAMP, FISMA, and DoD Impact Level (IL) continuous monitoring (ConMon) and audits and who can help us find a creative and scalable solutions to drive our ConMon and audit programs to the next level. In addition to these, you want to do this for a company who provides "IT For Good" and is dedicated to being a good citizen of the world. You want to join a growing team who collaborates closely with colleagues across the business to achieve security goals together.

What is the primary need, technical challenge, and/or problem you will be responsible for? We want someone with a passion who can jump in and make an immediate impact on our ConMon and audit processes and reporting. Building on your past experience, you'll work with InfoSec Engineering, Vulnerability Management, and Business Unit Operations groups to develop vulnerability and inventory tracking and reporting for containers.

Success in the Role: What are the performance goals over the first 6-12 months you will work toward completing? (Career path at VMware)

  • You will be responsible for the ConMon and audit programs for multiple cloud service offerings (CSOs).
  • You will develop a vulnerability and inventory tracking and reporting mechanism for containers.
  • You will lead the POA&M process, working with BU engineering and operations groups to establish effective and timely remediation plans.
  • You will lead initial and annual FedRAMP and DoD IL audits for VMware CSOs.


What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?

You will spend your time leading the ConMon and audit programs for multiple CSOs including:
  • Vulnerability scan monitoring and reporting
  • Inventory management and reporting
  • POA&M updates
  • Deviation requests
  • Change requests
  • Working effectively with geographically distributed teams.


You should have knowledge of current security standards, including:
  • NIST Risk Management Framework (RMF)
  • Federal Risk and Authorization Management Program (FedRAMP)
  • DoD Cloud Security Requirements Guide (SRG)


You have a bachelor's degree in Information Technology, Information Systems Security, Cybersecurity, or related field, are a U.S. citizen, and either hold a security clearance or are eligible to hold a clearance.

What is the leadership like for this role? What is the structure and culture of the team like? You will be part of the Public Sector Compliance team. The PubSec Compliance team leads all compliance activities related to the U.S. government and state, local, and educational compliance programs. Directed by Jeff Edelheit and managed by Patrick O'Laughlin, the team prides itself on supporting each other. We appreciate our team's diverse skillsets and backgrounds that may complement your own.

What are the benefits and perks of working at VMware?

You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting www.benefits.vmware.com.
  • Employee Stock Purchase Plan
  • Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
  • Generous Time Off Programs
  • 40 hours of paid time to volunteer in your community
  • Rethink's Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities
  • Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
  • Healthy and local inspired snacks in all our on-site pantries


This job requisition is not eligible for employment-based immigration sponsored by VMware. This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil, and therefore any offer will be contingent upon verification of both of these requirements.

VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.


Back to top