Security Advisor (Part Time)
CNA, 3003 Washington Blvd, Arlington, Virginia, United States of America
Req #730
Wednesday, January 22, 2025
Primary Purpose
CNA is hiring for a Security Advisor (part time, benefits eligible) in the Chief Information Office (CIO). The CIO is responsible for supporting staff with all facets of CNA across a wide spectrum of information and technical activities.
The Security Advisor will be responsible for developing, implementing, and managing CNA's classified traditional and information security programs to ensure the security of classified information. In addition, the Security Advisor will be responsible for revising and developing processes to strengthen the current Security Operations Framework, reviewing policies, and highlighting the challenges in managing Service Level Agreements (SLAs). The Security Advisor is also responsible for managing IT security technologies in accordance with government regulations, to include the NISPOM and guidance from DCSA, DISA, Navy, and other government agencies. This role involves assessing security risks, developing policies and procedures, and ensuring compliance with industry standards and regulations. The Security Advisor will work closely with senior leadership, IT, and other stakeholders to safeguard the organization's assets and promote a culture of security awareness.
CNA fosters an inclusive culture that values diverse backgrounds and perspectives. Our flexible and engaging work environment encourages iterative and creative collaboration at every stage of the problem-solving process. Our employees are committed to helping clients develop effective solutions to better manage their programs through scientific, data-driven approaches. We are looking for creative and innovative individuals to help carry out our mission.
JOB DESCRIPTION AND / OR DUTIES
- Provide security for CNA's classified, unclassified, and SCO networks and support the Security Operations Center (SOC) in various capacities.
- Participate in the security incident response process and triage incidents for escalation to appropriate stakeholders.
- Work with the Change Advisory Board (CAB) to identify changes that will impact information security controls.
- Develop and implement processes for tracking key operational metrics.
- Develop security policies and procedures to ensure that company assets are protected.
- Develop, implement, and manage CNA's classified information security/information assurance programs in accordance with the NISPOM, DAAPM, and other government regulations and guidance. Ensure compliance with all applicable DoD, NISPOM, DCSA, DISA STIGs, NSA and other applicable security requirements and regulations.
- Manage and lead certification and accreditation (C&A) activities. Develop and maintain security plans, plans of action and milestones (POAMs), and other associated compliance documentation in support of government regulation and contract requirements. Lead internal compliance reviews and self-inspections and disseminate compliance status information to pertinent staff for remediation.
- Develop and manage system security plans to include Risk Management Framework (RMF) documentation for classified systems and networks including SIPRNet. Perform and manage certification and accreditation (C&A) and risk assessment activities. Manage classified system compliance activities and ensure classified system authorizations (e.g., ATOs, ATCs, etc.) remain in effect, to include accredited standalone systems. Manage the vulnerability assessment process and ensure STIGs are applied properly.
- Develop and manage vulnerability and risk assessment processes. Ensure vulnerability and risk management processes are operating effectively. Develop and publish metrics and reports on the vulnerability and risk posture of CNA's unclassified computing environments.
- Conduct risk analyses to assess potential security risks to ensure compliance with policies and that risk is managed to accepted tolerances.
- Coordinate with federal, state and/or local law enforcement agencies to prevent crime and respond to emergencies.
- Perform other duties as assigned.
JOB REQUIREMENTS
- Education: Bachelor's degree in information security, computer science or related field or equivalent combination of education and work experience required.
- One or more of the following certifications required: ISACA Certified Information Security Manager; Certified Information Privacy Professional (CIPP); Microsoft Certified Systems Engineer - Security; (ISC)² SSCP; (ISC)² CISSP; (ISC)² ISSAP. Advanced degree preferred.
- Experience: Minimum 10 years demonstrated experience in IT and IT security related functions.
- Experience in progressively responsible positions within an enterprise security environment, including experience with or knowledge of: NIST cyber and information security policy and guidance (e.g., NIST 800-53, NIST 800-171, etc.) and DoD security policy, Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual, guidelines, and directives.
- Expertise with DoD security policy, guidelines and directives, DoD classification management principles, computer and network security, information security, Intelligence Community Directives, Navy Information and Personnel Security Program Regulation and Navy Security Classification Guidance Series.
- Skills: Must have proficiency in a variety of computer software applications in word processing, spreadsheets, and databases. Must know and be able to take all actions required to ensure compliance with all Government security regulations and contractual requirements. Excellent communication and interpersonal skills with the ability to generate trust and build relationships. Ability to work effectively with cross-functional teams and manage multiple projects simultaneously. Must be able to make decisions to advise staff on appropriate actions regarding all security-related actions.
- Clearance: Ability to obtain and maintain a Top-Secret level security clearance upon hire.
- Hybrid Work Eligibility: This position may be eligible for telecommuting or hybrid work arrangements at the discretion of the Supervisor. Employees may be required to work at CNA headquarters or other work locations resulting in changes to the scheduled telecommuting or hybrid work arrangements.
- Other:
  - Due to the nature of the work, some on-call availability outside of normal working hours is needed.
  - This role is part time, benefits eligible.
***Voluntary Document***
Please include a personal statement as part of your application. A personal statement is a chance for us to get to know you. The statement is your opportunity to share your goals, interests, and influences, and to show us that you will be a valuable asset to our organization. Please click here for personal statement guidelines.
Personal statements will not be used as an elimination criterion for this position. They will only be used to enhance a candidate's application.
CNA is committed to providing equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service and protected veterans, or other non-merit based factors. In addition to federal legal requirements, CNA complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. These protections extend to all terms and conditions of employment, including recruiting and hiring practices, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training and career development programs. For more information about EEO protections, please view the EEO is the law posters here: "EEO is the Law" Poster, "EEO Poster Supplement". The pay transparency policy is available here: Pay Transparency Nondiscrimination Poster.
To be considered for hire, all individuals applying for positions with CNA are subject to a background investigation. For positions requiring access to classified information, U.S. citizenship is required. Individuals will also be subject to an additional government background investigation, and continued employment eligibility is contingent upon the ability to obtain and maintain an active security clearance.
Other details
- Job Family: Information Technology
- Job Function: Career Path III - Professional
- Pay Type: Salary
- Employment Indicator: (none)