CyberSecurity Risk Management Specialist

Description:
• As our CyberSecurity Risk Management Specialist, you will consistently challenge team members to proactively and collectively architect secure IaaS and PaaS solutions within multiple Cloud Service Provider’s (CSP).
• Candidates should have effective task management skills and the ability to communicate effectively.
• They will be required to prepare, categorize, implement, assess, and monitor systems within accordance with NIST SP 800-53 and DISA CC SRG standards.
• Subject Matter Expert (SME) in data entry and processes for eMASS, SNAP, PPSM, STIG viewer, etc
• Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide Product Owners through key processes for submitting IATT, ATO, and ATO-C packages
• Support the evaluation of security controls against the IaaS and PaaS offerings provided
• Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process
• Conduct cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, DISA CC SRG, FISMA, and FIPS 199 and 200)

Requirements:
• Currently holds TS clearance
• Candidate must have an active Security + Certification and at least one security certification such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
• Experience working in AWS, Azure, or GCP to secure IaaS, PaaS, and SaaS offerings
• Subject matter expertise in conducting security risk assessments for on-prem, hybrid cloud, and cloud systems
• Highly proficient in knowledge of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
• Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
• Experienced with vulnerability scanning tools and technologies such as Prisma Cloud, ACAS, Tenable.IO, Harbor, Windows Defender, etc
• Familiar with Cloud-based security monitoring tools such as Azure Monitor, Windows Defender, AWS CloudWatch, AWS CloudTrail, AWS Guard Duty, New Relic, Prisma Cloud, Prometheus, etc
• Profound ability to collaborate well with internal and external stakeholders
• Strong MS Office skills along with strong verbal and written communication skills
• Prior experience in the management of technology infrastructure is preferred
• Knowledge of the DoD is strongly preferred

Benefits:
• base salary ($115,000 – $135.000)
• medical, dental, and vision insurance
• long and short-term disability insurance
• life insurance
• 401k program with company match
• open PTO plan