Date Posted:
2025-01-07
Country:
United States of America
Location:
PW100: East Hartford 400 Main Street, East Hartford, CT, 06118 USA
Position Role Type:
Onsite

Pratt & Whitney is working to once again transform the future of flight-designing, building and servicing engines unlike any the world has ever seen. And because transformation begins from within, we're seeking the people to drive it. So, calling all curious.

Come ready to explore and you'll find a place where your talent takes flight-beyond the borders of title, a country or your comfort zone. Bring your passion and commitment and we'll welcome you into a tight-knit team that takes our mission personally. Channel your drive to make a difference into shaping an organization and an industry that's evolving fast to the future.

• Under the direction of the Enclave Senior Manager, serve as an information systems security lead for information technology-related projects supporting the Military Engines portfolio of programs. Develop and maintain required plans, policies and procedures for assigned information systems in order to obtain Authority To Operate (ATO) from the government under the Risk Management Framework (RMF).
• Lead and/or participate in working groups charged with establishing, reviewing and/or updating standard procedures and work instructions.
• Develop, assess, verify, and manage the implementation of information system security-related tools, measures, and controls in compliance with applicable DoD and Corporate policies, standards, and procedures. Periodically review existing systems for opportunities to reduce effort, risk and/or mistake-proof methods and procedures through process improvement.
• Lead the effort in closing out POA&M items for Enclave information systems that are associated with technology-related control items.
• Provide cybersecurity guidance and direction regarding all additions, changes and removals of hardware and software to/from assigned information systems.
• Assist in overseeing and managing the patch management process and execution across all security enclaves. Collaborate with peer ISSMs and Corporate equivalents for alignment and sharing of best practices.
• Ensure ISSOs monitor and audit assigned systems for compliance with current cyber security policies, concepts, and measures. Perform all ISSO functions in their absence.
• In collaboration with the incident response manager, coordinate and/or perform incident response containment, eradication, and recovery tasks involving classified systems and/or spills of classified data to unauthorized systems.
• Support the respective security enclaves in information systems security-related inspection preparations as needed.
• Coach, mentor, and train ISSOs in standard work, procedures, plans, and policies applicable to the information system in accordance with IS-specific and Enclave-level instructions, guidance and requirements. Develop and/or update Enclave-level training content and curriculum as directed by the Enclave Manager.
• Partner with development teams and the US Government (USG) customer to ensure tasks are completed on schedule.
• Evaluate and monitor Commercial off the Shelf (COTS) and Government off the Shelf (GOTS) systems, applications, and services against system architectures, RMF requirements, and requirements.
• Audit security controls and provide technical direction and assistance with corrective or mitigation actions.
• Perform continuous monitoring tasks.

• Advanced degree and 5+ years of Technology, Information Systems or Cybersecurity experience; OR Bachelor's degree and 8+ years of relevant industry experience; OR Associate's degree (or 2-year technical training) and 10+ years of relevant industry experience; OR High School diploma and 12+ years of relevant industry experience.
• U.S. citizenship is required, as only U.S. citizens are authorized to access information under this program/contract.
• The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

• Bachelors Degree in engineering, cybersecurity, computer science, or IT-related field of study
• 1+ year experience as an ISSM supporting classified programs.
• 2+ years hands-on experience in an ISSM, ISSO and/or ISSE position or equivalent role.
• 4+ years' combined hands-on experience in systems administration/engineering and/or cybersecurity support role for a combination of servers, desktop computers, operating systems, and virtual computing, preferably of information systems supporting classified programs or activities.
• Active Secret-level U.S. Government Security Clearance
• Ability to obtain and maintain a Top Secret-level U.S. Government Security Clearance.
• Ability to obtain and maintain access to Special Access Programs status.
• Certifications equivalent to or exceeding DoD 8570.01-M IAT Level II functional and baseline certification requirements.
• Ability to develop, document and interpret network and wiring diagrams; system, subsystem and device security architectures down to the board level; and data flow diagrams.
• Programming experience with languages such as (but not limited to) bash, csh, Java/JavaScript, Perl, Powershell, Python, sh, and/or VBA.
• Experience with using NESSUS and other scanning applications.
• Experience using Splunk to ingest and analyze network data.
• Experience working with virtualization software and virtualized environments such as ESXi, VMWare, VirtualBox, and Hyper-V.
• Experience with implementation of and/or monitoring the compliance of information systems to NIST, CIS, and/or ISO cybersecurity management framework requirements and guidelines.
• Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF).