FedRAMP Cloud Cybersecurity Analyst(Primarily Remote) with Security Clearance
This is primarily a Telework position with a requirement to be onsite at least one (1) day a week in Hanover MDAs a FedRAMP Cloud Security Analyst you will play a crucial role in ensuring the security and compliance of the programs under the DCSA Program Executive Office (PEO)You will be responsible for managing the Federal Risk and Authorization Management Program (FedRAMP) support for Amazon Web Services (AWS) based cloud systemsBASIC QUALIFICATIONS Candidates should demonstrate a detailed knowledge the following:
o Prior support of FedRAMP activities for cloud hosted systems such as eMASS Package (ex:
Readiness Assessment Report (RAR), System Security Plan (SSP), Plan of actions & Milestones (POA&M), etc.)o Review, Audit, and validate compliance of DCSA systems Secure Cloud Computing Architecture (SCCA) to ensure cloud systems connections to the Boundary CAP (BCAP) and Virtual Datacenter Security Stack (VDSS) are implemented in accordance with the cloud Security Requirements Guide (SRG) including support for the internal implementation of the Visual Data Management System (VDMS) solutions internally.o Perform periodic cyber security control assessments of IT cloud systems, identify potential risks and gaps, and make recommendations and implement cloud security improvements based on industry standards and best practices.o Perform Cyber Security Impact Assessments and Risk Assessments for new and existing cloud systems, determine security posture and viability for organizational use, and make recommendations for cloud security architectures and controls.o Provide support for the internal Information Security Continuous Monitoring Program for authorization to operate and ongoing authorization approvals for cloud-based IT systems.o Experience working with Third Party Assessment Organizations (3PAO)o Participation with the DISA Cloud Joint Verification Team (JVT) Teamo Assist the Product Managers (PMs) and/or Program Management Office (PMO) with cyber security audits and assessments of cloud systems including programmatic reviews and management of corrective action plans.o Participated in reviews of Information System Agreement (ISA) / Memorandum of Agreement (MOA), Whitelisting, etc.o Worked with the solution engineers to identify best practices and methods required by the FedRAMP PMO to configure and operate within the NIST SP 800 series of controls.o Assist with non-cloud systems authorization efforts utilizing the Risk Management Framework (RMF).o Understanding and familiarity with cloud architectures (e.gSaaS, PaaS, IaaS), common commercial cloud systems (e.gAWS, Microsoft 365, etc.) as well as specific DOD cloud architecture BCAP, ICAP, SCCA, cloud security solutions (e.gCloud Access Security Broker, Multi-factor Authentication, Zero Trust Architecture)#Broadleaf YEARS
Experience:
At least two (2) years relevant Cloud Security experienceEDUCATION REQUIREMENTS:
Bachelor's Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information TechnologyCERTIFICAITON(S):
DoDM 8140/DoDM 8570.01-M IAM Level I requirements prior to onboarding e.g., CAP, CND, Cloud+, GSLC, Security
CE, HCISPP or higher-level certificationMultiple cloud certifications preferredCLEARANCE LEVEL:
Active Secret Required and eligibility for TS WORK ENVIRONMENT AND PHYSICAL DEMANDS:
This is primarily a Telework position with a requirement to be onsite at least one (1) day a weekIf alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connectionMust speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form. Recommended Skills Architecture Assessments Auditing Cloud Computing Security Cloud Platform System Corrective And Preventive Action (Capa) Apply to this job. Think you're the perfect candidate? Apply on company site $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
o Prior support of FedRAMP activities for cloud hosted systems such as eMASS Package (ex:
Readiness Assessment Report (RAR), System Security Plan (SSP), Plan of actions & Milestones (POA&M), etc.)o Review, Audit, and validate compliance of DCSA systems Secure Cloud Computing Architecture (SCCA) to ensure cloud systems connections to the Boundary CAP (BCAP) and Virtual Datacenter Security Stack (VDSS) are implemented in accordance with the cloud Security Requirements Guide (SRG) including support for the internal implementation of the Visual Data Management System (VDMS) solutions internally.o Perform periodic cyber security control assessments of IT cloud systems, identify potential risks and gaps, and make recommendations and implement cloud security improvements based on industry standards and best practices.o Perform Cyber Security Impact Assessments and Risk Assessments for new and existing cloud systems, determine security posture and viability for organizational use, and make recommendations for cloud security architectures and controls.o Provide support for the internal Information Security Continuous Monitoring Program for authorization to operate and ongoing authorization approvals for cloud-based IT systems.o Experience working with Third Party Assessment Organizations (3PAO)o Participation with the DISA Cloud Joint Verification Team (JVT) Teamo Assist the Product Managers (PMs) and/or Program Management Office (PMO) with cyber security audits and assessments of cloud systems including programmatic reviews and management of corrective action plans.o Participated in reviews of Information System Agreement (ISA) / Memorandum of Agreement (MOA), Whitelisting, etc.o Worked with the solution engineers to identify best practices and methods required by the FedRAMP PMO to configure and operate within the NIST SP 800 series of controls.o Assist with non-cloud systems authorization efforts utilizing the Risk Management Framework (RMF).o Understanding and familiarity with cloud architectures (e.gSaaS, PaaS, IaaS), common commercial cloud systems (e.gAWS, Microsoft 365, etc.) as well as specific DOD cloud architecture BCAP, ICAP, SCCA, cloud security solutions (e.gCloud Access Security Broker, Multi-factor Authentication, Zero Trust Architecture)#Broadleaf YEARS
Experience:
At least two (2) years relevant Cloud Security experienceEDUCATION REQUIREMENTS:
Bachelor's Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information TechnologyCERTIFICAITON(S):
DoDM 8140/DoDM 8570.01-M IAM Level I requirements prior to onboarding e.g., CAP, CND, Cloud+, GSLC, Security
CE, HCISPP or higher-level certificationMultiple cloud certifications preferredCLEARANCE LEVEL:
Active Secret Required and eligibility for TS WORK ENVIRONMENT AND PHYSICAL DEMANDS:
This is primarily a Telework position with a requirement to be onsite at least one (1) day a weekIf alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connectionMust speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form. Recommended Skills Architecture Assessments Auditing Cloud Computing Security Cloud Platform System Corrective And Preventive Action (Capa) Apply to this job. Think you're the perfect candidate? Apply on company site $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
