OneMain Financial Jobs

Essential Duties and Responsibilities * Architects and authors System Security Plans (SSPs), the "source of truth" for the client's security posture, detailing exactly how each NIST 800-171 control is implemented. * Develops and manages the Plan of Action and Milestones (POAM), tracking every deficiency and guiding the client's IT team through remediation. * Drafts all formal security policies, ensuring they are not just "templates" but functional, defensible documents that reflect the client's real-world operations. * Designs and facilitates annual Incident Response (IR) and Disaster Recovery (DR) tabletop drills. * Leads the Evidence Collection phase, verifying that the client's logs and configurations meet the rigorous sufficiency standards of a C3PAO auditor. * Demonstrates and actively promotes an understanding and commitment to the mission of Logicalis through performing behaviors consistent with the organization's values. * Maintains a working knowledge of applicable Federal, State, and Local laws and regulations as well as policies and procedures of Logicalis in order to ensure adherence in a manner that reflects honest, ethical and professional behaviors. * Supports and conducts self in a manner consistent with customer service expectations. Supervisory Responsibilities This job has no supervisory responsibilities. Qualifications To perform this job successfully, an individual should be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Education/Experience/Technical Requirements/Certifications Equivalent combination accepted. Education * Bachelor's degree in a related field. Experience / Technical Requirements: * Compliance Enclaves: Advising on how to segment CUI to limit audit scope and cost. * FIPS 140-2/3 Validation: Verifying that encryption modules (VPNs, Wi-Fi, Storage) meet federal standards. * Network Architecture: Interpreting network diagrams and identifying gaps in boundary protection and data flow. Previous Network Engineer or Administrator experience is valued. * Log Logic: Knowing exactly what a "passing" audit log looks like for MFA, access control, and system monitoring. * Framework Expert: Mastery of CMMC 2.0 (Level 2) and NIST SP 800-171. * Technical Writing: Superior ability to write clear, audit-proof documentation (SSPs, SOPs, and Policies). * Knowledge of SOC2, ISO 27001, HIPAA, or GDPR. Certifications: * CCP (CMMC Certified Professional) * CISA * Security + Other Skills and Abilities * Ability to work with C-Suite Executives and across client technical teams throughout the consulting process. * Portfolio Management: Proven ability to manage 10 concurrent clients/projects without sacrificing quality or missing milestones. * Ability to manage through high level of ambiguity and multiple requests from variety of sources. * Ability to work on multiple projects simultaneously and translate business data into digestible information that improves corporate processes. * Outstanding technical/business communication skills. Physical Demands The physical demands described here are representative of th Apply here: https://www.aplitrak.com/?adid=YmJnZW5lcmljLjI3NDE0LjEwNTA4QHVzbG9naWNhbGlzY29tcC5hcGxpdHJhay5jb20