ISSE - FedRAMP/CLOUD/RMF
- We are looking for an experienced ISSE able to perform these day-to-day activities:
- Certification and Accreditation activities, in particular, experience in the area of moving accreditation packages through the RMF process to Authority To Operate (ATO).
- Conducting vulnerability scans, system assessments, risk analysis, and technical recommendations to validate compliance.
- Conducting verification and validation for security information systems, products, and components.
- Analyzing design specifications, design documentation, configuration practices and procedures, and operational practices and procedures.
- Providing identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance.
- Verifying and validating that the system meets the security requirements.
- Determining the type of cloud solution for information systems i.e., IaaS, PasS, SaaS.
- Reviewing completeness and accuracy of DISA Provisional Authorization (DISA PA).
- Clearly differentiate between a FedRAMP ATO and Agency ATO, the process for a system to be accredited from a FedRAMP stand point.
Current SECRET clearance
B.S. degree in a technical discipline
Security + CE minimum.
Minimum five (5) years of directly related security engineering experience - prefer Eight (8) years.
An additional four (4) years of experience may be substituted for the degree.
Desired - knowledge/skills in the following areas:
- Federal Risk and Authorization Management Program ATO(FedRAMP)
- DISA Provisional Authorization (DISA PA)
- Cloud types (IaaS, PaaS, SaaS)
- Joint Authorization Board (JAB)
- Risk Management Framework (RMF)
- Vulnerability and Risk Assessment, Analysis, and Reporting
- DISA Security Content Automation Protocol (SCAP) content and Security
- Technical Implementation Guides (STIGS)
- Malware and Virus prevention, detection, and remediation
- Analysis of system auditing and logging
- Repository (DITPR) /Department of Navy (DON)
- Networking, System Administration Windows and Unix/Linux platforms
Apply here or send your resume directly to email@example.com