Federal Cloud Information Systems Security Officer (ISSO) - Tenable / Air-Gapped Environment -- (Clearance Required, Secret) MD, OK, UT, PA, AL
Hewlett Packard Enterprise Company · Oklahoma City, Oklahoma · Posted Jun 26, 2026
Apply on company site Track it in JobSkout
Hewlett Packard Enterprise Company is hiring a Federal Cloud Information Systems Security Officer (ISSO) - Tenable / Air-Gapped Environment -- (Clearance Required, Secret) MD, OK, UT, PA, AL in Oklahoma City, OK. This is a full-time position. Federal Cloud Information Systems Security Officer (ISSO) - Tenable / Air-Gapped Environment -- (Clearance Required, Secret) MD, OK, UT, PA, AL
This role has been designated as 'Remote/Teleworker', which means you will primarily work from home.
Who We Are:
Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description:
Job Description
Works with a cross-functional team to solve complex technical and cybersecurity challenges across a broad range of technologies (Servers, Storage, Network, and SAN) while delivering secure Cloud Services solutions to federal customers.
The Federal Cloud ISSO will serve as a key member of the SecOps Engineering function, responsible for ensuring the security, compliance, and operational effectiveness of classified cloud environments. This role has direct responsibility for Tenable (Tenable.sc / Nessus) vulnerability scanning operations within an air-gapped architecture, supporting ATO/RMF compliance, continuous monitoring, and audit readiness.
The ideal candidate brings a strong combination of ISSO oversight, hands-on vulnerability management, and secure cloud engineering experience, with the ability to operate in classified, disconnected environments where updates, scanning, and reporting processes must be managed manually and securely.
This role requires deep knowledge of federal security frameworks, a strong automation mindset, and the ability to operate in a fast-paced, mission-critical environment.
US Citizenship required
Clearance Required: Secret or Top Secret
Location: MD, OK, PA, UT, AL
This is a hybrid teleworker role. Employee will be required to travel to the customer site as needed, usually 2 or 3 times a week.
Schedule: M-F, 9am to 5pm. Candidate must be flexible to work evenings and weekends if required
Responsibilities include:
Security Operations & ISSO Functions
Serve as primary ISSO supporting ATO, RMF, and continuous monitoring activities
Develop and maintain ATO artifacts (SSP, POA& M, SAR, control narratives) aligned to NIST 800-53
Ensure compliance with DISA STIGs and federal security standards
Support audits and assessments, including evidence collection and vulnerability closure validation
Tenable / Vulnerability Management (Primary Focus)
Own and operate Tenable platform and distributed Nessus scanners in an air-gapped environment
Configure scan policies, audit files, credentials, repositories, and scan zones
Execute and manage:
Credentialed vulnerability scans
STIG compliance scans
Port and discovery scans
Manage offline plugin and audit content updates in accordance with air-gapped constraints
Ensure full asset coverage, scan accuracy, and remediation tracking across all environments
Generate and deliver vulnerability reports supporting ATO and DISA reporting requirements
Analyze scan results to identify false positives, credential failures, and scan gaps
Translate scan findings into POA& M entries and track remediation to closure
Air-Gapped Security Operations
Maintain secure operations within a disconnected/isolated environment (no outbound connectivity)
Manage manual update processes for plugins, definitions, and audit content
Ensure proper segmentation, scanner placement, and network reachability for scan execution
Support data export, sanitization, and reporting workflows for external consumption
Threat Detection & Incident Response
Monitor logs, alerts, and scan outputs to detect security events
Support incident response lifecycle: detection, containment, eradication, recovery
Correlate vulnerability data with active threats and mission risk
Collaboration & Engineering Integration
Work with Cloud, Network, and Platform Engineering teams to:
Integrate security into system design
Remediate vulnerabilities
Improve hardening baselines
Provide technical guidance on secure configurations and STIG implementation
Automation & Optimization
Automate vulnerability management, reporting, and compliance processes
Improve efficiency in scan execution, data parsing, and remediation workflows
Contribute to continuous improvement of security posture
Knowledge and Skil…