Skip to Main Content

Senior Cloud Security Analyst (FedRamp)

Flex Staffing Resources
Herndon, VA
  • Expired: over a month ago. Applications are no longer accepted.
Job Description

Location: Herndon, VA 20171 (near Dulles Airport)

Employment Type: Full-time

Salary: $100,000.00 - $160, 0000 per year plus Benefits

This supporting the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications into various cloud environments. This effort requires security testing/assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities. This position is majority off-site (post-pandemic).

This role serves as a “hands-on” senior-level technical security analyst responsible for interfacing with the build, operations and security engineering teams on security issues and information gathering; creating and managing the Plan of Action and Milestones (POAM) for multiple environments, configuration/execution/analysis of vulnerability scans, gathering the security control implementations information for the technical controls and documenting their implementation in the SSP.

Additionally, this role will assist with the security assessments, and continuous monitoring evidence for any of the environments (corporate, commercial regulated, FedRAMP, DOD and International).

The analyts will be responsible for maintenance of the commercial and corporate environment POAM and analysis of the corresponding vulnerability scans; development of the metrics / trends of vulnerabilities, assisting with the FedRAMP or FISMA authorization processes to include prep of the operations and build teams, and technical documentation summary and update as required. This role serves as a senior level technical security analyst who has the knowledge to create policies and execute vulnerability scans as needed, evaluates the vulnerability scan data and control implementation and who can provide thoughtful recommendations, as well as conduct security impact analysis of changes to the environments. This role must communicate between security, engineering, build/development and operations teams daily, and be able to interpret and document the results of data gathering.

GENERAL RESPONSIBILITIES:

  • Configuration, Execution and Analysis of vulnerability scans
  • Ability to interpret and assess network diagrams and drawings using Visio.
  • Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance, and patching, Cyber Security Vulnerability Assessments (CSVA) mechanisms.
  • Demonstrate familiarity with current FedRAMP, DOD and NIST Security controls and technologies, including vulnerability management capabilities.
  • Understand enterprise operating environments, including security posture, application environment, and associated security controls
  • Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
  • Gather information, architecture diagrams and implementation of the security controls through interfacing with the security engineering, operations and build teams

GENERAL QUALIFICATIONS:

  • Bachelor’s Degree in Computer Science / MIS / Information Technology, or equivalent experience in Information Security, Information Technology, or related technical discipline
  • Minimum 7 years Information Technology experience
  • Experience with Cloud technologies, especially AWS and Azure, desirable
  • Experience with FedRAMP and/or other authorization processes and NIST risk management framework
  • Execution and Analysis of vulnerability scans; such as but not limited to: Nessus/Security Center, WebInspect, etc.
  • Familiarity with Splunk to execute queries, search/review data for impact.
  • Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
  • U.S. Citizenship

SPECIFIC TECHNICAL SKILLS DESIRED:

  • Professional industry certifications in area of expertise.
  • Knowledge of Best Practice and security guides (ex. NIST 800-53 rev 4, NIST 800-53, FedRAMP)
  • ISC CISSP or ISACA CISM or equivalent certification
Company Description
Flex Staffing Resources is a recruiting agency based in the Washington DC metropolitan area. Entrusted by companies with challenge Cyber Security and data management recruiting needs, Flex Staffing Resources identifies exceptional talent and brings them together.
www.CyberSecSource.Com

Flex Staffing Resources

Why Work Here?
This is your opportunity to make an everlasting impact on one of the most prized solutions providers and develop new skills.

Flex Staffing Resources is a recruiting agency based in the Washington DC metropolitan area. Entrusted by companies with challenge Cyber Security and data management recruiting needs, Flex Staffing Resources identifies exceptional talent and brings them together. www.CyberSecSource.Com

Address

Herndon, VA
USA

Industry

Real Estate

Website

View all jobs at Flex Staffing Resources