CyberSecurity Risk Management Specialist

Description:

  • As our CyberSecurity Risk Management Specialist, you will consistently challenge team members to proactively and collectively architect secure IaaS and PaaS solutions within multiple Cloud Service Provider's (CSP).
  • Candidates should have effective task management skills and the ability to communicate effectively.
  • They will be required to prepare, categorize, implement, assess, and monitor systems within accordance with NIST SP 800-53 and DISA CC SRG standards.
  • Subject Matter Expert (SME) in data entry and processes for eMASS, SNAP, PPSM, STIG viewer, etc
  • Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide Product Owners through key processes for submitting IATT, ATO, and ATO-C packages
  • Support the evaluation of security controls against the IaaS and PaaS offerings provided
  • Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process
  • Conduct cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, DISA CC SRG, FISMA, and FIPS 199 and 200)

Requirements:

  • Currently holds TS clearance
  • Candidate must have an active Security + Certification and at least one security certification such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
  • Experience working in AWS, Azure, or GCP to secure IaaS, PaaS, and SaaS offerings
  • Subject matter expertise in conducting security risk assessments for on-prem, hybrid cloud, and cloud systems
  • Highly proficient in knowledge of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
  • Experienced with vulnerability scanning tools and technologies such as Prisma Cloud, ACAS, Tenable.IO, Harbor, Windows Defender, etc
  • Familiar with Cloud-based security monitoring tools such as Azure Monitor, Windows Defender, AWS CloudWatch, AWS CloudTrail, AWS Guard Duty, New Relic, Prisma Cloud, Prometheus, etc
  • Profound ability to collaborate well with internal and external stakeholders
  • Strong MS Office skills along with strong verbal and written communication skills
  • Prior experience in the management of technology infrastructure is preferred
  • Knowledge of the DoD is strongly preferred

Benefits:

  • base salary ($115,000 - $135.000)
  • medical, dental, and vision insurance
  • long and short-term disability insurance
  • life insurance
  • 401k program with company match
  • open PTO plan
Back to blog