OneMain Financial Jobs

Job Description Job Title: Information Systems Security Officer Posting Start Date: 2/26/26 Job Description: Position Information Posted Range: $81,120/annually - $133,380/annually. The base salary range represents a good faith salary range for this position. This position is eligible for annual incentive pay and has the opportunity for continued salary growth. If you are hired at American Water your base salary compensation will be determined based on factors such as market, geography, skills, education and/or experience. At American Water, we are committed to pay equity. In addition to compensation, you will be offered a comprehensive benefits package including 401(k), Defined Contribution Plan, Employee Stock Purchase Plan, medical, prescription, dental and vision coverage, plus disability, paid time off, life insurance, voluntary benefits, health and wellness programs and much more! American Water is also proud to offer employees learning opportunities and work experiences to grow professionally! Primary Role The Information System Security Officer (ISSO) is responsible for overseeing cybersecurity compliance and ensuring the protection of information systems that support the operation of water systems across 18 U.S. military installations. The ISSO will serve as the principal security compliance lead, ensuring adherence to federal cybersecurity requirements, industry best practices, and the company's internal security policies. This role requires a hands-on understanding of Microsoft 365 security capabilities and configuration, as well as experience managing cybersecurity documentation, assessments, and audits in regulated environments. * Serve as the designated ISSO for information systems supporting Department of Defense (DoD) and other federal contracts. * Develop, maintain, and manage the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and other artifacts required for compliance with NIST SP 800-171, NIST SP 800-53, and related DoD cybersecurity frameworks. * Support continuous monitoring activities, ensuring timely updates to security documentation and controls. * Coordinate and respond to security audits, assessments, and inspections by internal and external stakeholders. * Track and report compliance metrics, vulnerabilities, and remediation progress to senior leadership. * Coordinate with Compliance and Legals teams on flow down clauses for vendors working with American Water Military Services Group. Key Accountabilities Technical Security Oversight * Manage and enforce security configurations and compliance baselines within the Microsoft 365 suite, including Azure AD, Exchange Online, SharePoint, OneDrive, Teams, and Defender for Cloud/Endpoint. * Support implementation and monitoring of Data Loss Prevention (DLP), Information Rights Management (IRM), Conditional Access, and MFA policies. * Hands on experience with Microsoft M365 Security Services (Defender, Azure Firewall, etc). * Collaborate with IT and system administrators to ensure systems are securely configured, patched, and monitored in accordance with compliance requirements. * Review and approve security change requests, security exceptions, and risk acceptance documentation. Risk Management & Incident Coordination * Identify and assess risks to systems and data; recommend mitigation strategies and document residual risk. * Participate in cybersecurity incident response activities, including root cause analysis and corrective action plans. * Ensure all incidents and vulnerabilities are documented and tracked through resolution. Collaboration & Leadership * Liaise with DoD cybersecurity representatives, internal engineering teams, and utility leadership to ensure mission assurance and compliance alignment. * Provide cybersecurity awareness and compliance training to employees and contractors as required. * Collaborate with Business Development teams on the bidding processes. * Maintain a culture of cybersecurity accountability and compliance across all business units. * Manage and enforce security configurations and compliance baselines within the Microsoft 365 suite, including Azure AD, Exchange Online, SharePoint, OneDrive, Teams, and Defender for Cloud/Endpoint. * Support implementation and monitoring of Data Loss Prevention (DLP), Information Rights Management (IRM), Conditional Access, and MFA policies. * Hands on experience with Microsoft M365 Security Services (Defender, Azure Firewall, etc). * Collaborate with IT and system administrators to ensure systems are securely configured, patched, and monitored in accordance with compliance requirements. * Review and approve security change requests, security exceptions, and riTo view the full job description, click hereApply here: https://www.aplitrak.com/?adid=YmJnZW5lcmljLjExNDc4LjEwNDEyQGFtd2F0ZXJjb21wLmFwbGl0cmFrLmNvbQ