Title: SME--Cloud Security, Expert
Location: On-site Bethesda, MD
· Job Type: Full-time (40 hours per week) with benefits.
· Availability: immediate.
· Security Clearance: TS/SCI with FS Polygraph.
· Years of SCA Experience:
o 4 Years with a PhD
o 6 Years with a master’s degree
Cloud Security SME (ISSE/ISSO)
• A successful candidate will work with others on the program security team to provide for all aspects of security including but not limited to the following:
• Work with others on the program security team to provide for all aspects of security including but not limited to the following Activities:
• Provide expert-level knowledge, both in context and execution, with the Risk Management Framework to support a NIST SP 800-53 HHM systems through the A&A process.
• Construct thorough and complete security documentation to include, but not limited to, System Security Plans (SSPs), Plans of Actions and Milestones (POA&Ms), and any other artifacts to support the Body of Evidence (BOE) for the sponsor's approval.
• Identify security controls and work with engineering, development, and testing staff to construct proper test plans and procedures.
• Implement security audit reviews, verifying that the audit records are collected and reviewed.
• Coordinate all security testing exercises, working with external assessment teams and technical staff.
• Configure and support various AWS services to protect the security posture of the system
• Education: Bachelors (Computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline)
• Demonstrated strong technical skills and analytic abilities, as well as experience performing system security analysis and risk management.
• Demonstrated experience with security in the Amazon Web Services environment.
• Demonstrated experience performing complex technical tasks in pursuit of overall goals with minimal direction.
• Demonstrated experience in translating an understanding of systems and applications into security test plans and performing hands-on security testing.
• Demonstrated knowledge of risk management methodologies.
• Demonstrated experience in analyzing test results and suggesting mitigations for security problems.
• Demonstrated technical experiences with system configuration, development, and design, specifically in enterprise systems and hypervisors.
• Demonstrated experience with Linux and virtual platforms.
• Documented working experience with public and private information security groups and organizations.
• Possesses experience with communicating vulnerability results and risk posture to senior executives.
Possess a broad knowledge of Information Security policies and guidance, as well as the ability to assist in researching, evaluating, and developing relevant security policies and guidance.
Subscribe to Rise newsletter