Position assists GTA with their AWS Security posture.
Candidate must be knowledgeable about AWS Security Hub/GuardDuty and associated functions.
Must be able to create scans within AWS, develop reporting matrixes, and then work with DevOps resources to remediate/mitigate any findings in the scans and document remediations.
Will assist in performing penetration testing and threat simulations to identify potential risks.
Must have experience creating System Security Plans (SSP) developed in accordance with FedRAMP guidelines (including NIST NA0, FISMA, etc.).
Must be able to apply compliance/mitigation plans on all controls included in the SSP.
Should have functional knowledge of applications like Tenable or Qualys, etc., so candidate can log issues for security risk management tracking.
Provide recommendations for security enhancements based upon reviews and best practices.
Experience with other cloud-based environments such as Microsoft's Azure is a desired bonus.
AWS Certified Cloud Practitioner
AWS Certified SysOps Administrator Associate or Certified Solutions Architect
AWS Certified Security Specialty
Required/Desired Skills
Skill | Required/Desired | Amount | of Experience | Consultant Experience |
AWS Security Hub/GuardDuty and associated functions | Required | 3 | Years | |
Create scans within AWS, develop reporting matrixes, and then work with DevOps resources to remediate/mitigate | Required | 3 | Years | |
Creating System Security Plans (SSP) developed in accordance with FedRAMP guidelines (NIST NA0, FISMA, etc.) | Required | 5 | Years | |
Tenable or Qualys, etc. (so candidate can log issues for security risk management tracking) | Required | 5 | Years | |
Providing security enhancements based upon reviews and best practices | Required | 5 | Years | |
Cloud-based environments such as Microsoft's Azure | Highly desired | 0 | | |
AWS Certified Cloud Practitioner | Required | 0 | | |
AWS Certified SysOps Administrator Associate or Certified Solutions Architect | Required | 0 | | |
AWS Certified Security Specialty | Required | 0 | | |
Questions No. | Question | Consultant Answer |
Question1 | Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement? | |
Question2 | Please list candidate's email address. | |
Question3 | Candidate must be paid AT LEAST NA if selected for engagement. Candidate can be paid more; however, the SRP rate cannot exceed NA. Do you accept this requirement? | |
Question4 | The maximum mark-up for this engagement's SRP rate is 35%. To be competitive on pricing, a mark-up below the 35% threshold is suggested. Do you agree to propose a mark-up at or below 35%? | |
Question5 | This assignment is contingent upon customer renewal and availability of adequate funding. Do you accept this requirement? | |
Question6 | The selected candidate will be expected to start their engagement no later than 2 weeks (10 business days) from the client's selection date. Do you accept this requirement? | |
Question7 | Hybrid work environment. Local candidates required. The candidate will be required to be in the office two days a week. Do you and your candidate accept this requirement? | |