Develop and update the information system security documentation for the systems (e.g., Security Plan, Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS, eAuthentication, Privacy Threshold Analysis, etc.)
Ensure systems are appropriately patched and hardened
Coordinate the remediation of Plan of Action and Milestones (POA&M) with various groups
Facilitate and support the Ongoing Authorization Program
Effectively communicate technical information to nontechnical personnel
Conduct ISSO responsibilities, to include the approval of change requests, review of audit logs, review of system accounts, and analysis of vulnerability scans
Develop waivers & exceptions for information system vulnerabilities
Work with clients to develop capabilities briefings and presentations
Provide security recommendations to the Risk Management Branch Chief
Benefits
- 401(k)
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Tuition reimbursement
- Vision insurance
Requirements
5+ years of experience in the following:
Design/implementation/consulting experience with Security, Compliance, and Risk Management
US Government compliance and security standards, including NIST, FedRAMP, FISMA, ICD 503, and implementing security concepts / best practices
Managing Certification and Accreditation and continuous monitoring activities utilizing common control frameworks
Managing the security posture of cloud environments, working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement
Risk mitigation and selecting or designing appropriate security controls for implementation
Coordinating, monitoring, and tracking security activities across multiple organizations
Experience of the following:
Applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings
Engineering/architecture for systems in the cloud; specifically, AWS, Azure and/or Google
Working with core services, networking, security groups, or policy management in relation to Cloud resources across multiple operating systems
Migrating or transforming legacy customer solutions to the cloud
Advising customers on cloud architectures and designs meeting US Government accreditation standards
Desired candidate skills include the following:
Excellent oral and written communication skills for contact with customers via calls, chats, and email
Bachelor's degree in Information Systems / Information Technology, Computer Science, Computer Engineering, Electrical Engineering, related field, or technical degree, or 4 years of relevant experience
License/Certification:
One of: CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, Security+ (Required)
One of: AWS, Azure, Cloud Certification (Preferred)