This opportunity offers excellent compensation and career growth opportunities, benefit packages that include 20 days PTO, continuing education bonuses, 401K w/ 3% matching after 90 days, and paid holidays and corporate events!
- Technical analysis and strategic recommendations in regards to FedRAMP activities for federal customers.
- Complete all phases of preparing and reviewing complete ATO packages for information technology systems and/or applications as defined by the Federal Information Security Modernization Act and implemented by the guidance of the GSA Federal Risk and Authorization Management Program (FedRAMP).
- Development, assessment, and analysis of cyber security documentation for client information systems in accordance with FedRAMP.
- Technical guidance for evolving technical security guidelines, security assessment reviews, and conduct, analyze, and manage cloud service provider engagement on behalf of our federal customer.
- System/network vulnerability scanning and analysis using both automated tools and manual techniques.
- Identification and mitigation of cyber security risks through formal assessment activities.
- Support compliance related discussions which includes understanding of applicable compliance frameworks, architectures, and security control requirements (technical and non-technical).
- Must have at least a Bachelor of Science (BS) or Bachelor of Arts degree
- 6+ years of experience in information security
- Strong background with NIST Risk Management Framework (SP 800-53)
- Be able to collaborate with team members
- Strong documentation, presentation, analytics and technical writing experience
- Ability to quickly adapt to customer, environment, policies, procedures, etc.
- Experience with DHS or DoD requirements are a plus.
- Security related certification (CAP, CISM, CISSP, CISM, or equivalent by a recognized and reputable organization)
- Hands-on experience as an ISSO for a federal customer a plus
- Technical background such as Network Engineering, Systems Administration, and Application Development
- Knowledge of laws, directives, orders, etc., pertaining to IT security and directing Federal government agencies.