CyberSecurity Risk Management Specialist

Job Description: • As our CyberSecurity Risk Management Specialist, you will consistently challenge team members to proactively and collectively architect secure IaaS and PaaS solutions within multiple Cloud Service Provider's (CSP). • Candidates should have effective task management skills and the ability to communicate effectively. • They will be required to prepare, categorize, implement, assess, and monitor systems within accordance with NIST SP 800-53 and DISA CC SRG standards. • Subject Matter Expert (SME) in data entry and processes for eMASS, SNAP, PPSM, STIG viewer, etc • Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide Product Owners through key processes for submitting IATT, ATO, and ATO-C packages • Support the evaluation of security controls against the IaaS and PaaS offerings provided • Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process • Conduct cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, DISA CC SRG, FISMA, and FIPS 199 and 200) Requirements: • Currently holds TS clearance • Candidate must have an active Security + Certification and at least one security certification such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP) • Experience working in AWS, Azure, or GCP to secure IaaS, PaaS, and SaaS offerings • Subject matter expertise in conducting security risk assessments for on-prem, hybrid cloud, and cloud systems • Highly proficient in knowledge of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL) • Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches • Experienced with vulnerability scanning tools and technologies such as Prisma Cloud, ACAS, Tenable.IO, Harbor, Windows Defender, etc • Familiar with Cloud-based security monitoring tools such as Azure Monitor, Windows Defender, AWS CloudWatch, AWS CloudTrail, AWS Guard Duty, New Relic, Prisma Cloud, Prometheus, etc • Profound ability to collaborate well with internal and external stakeholders • Strong MS Office skills along with strong verbal and written communication skills • Prior experience in the management of technology infrastructure is preferred • Knowledge of the DoD is strongly preferred Benefits: • base salary ($115,000 - $135.000) • medical, dental, and vision insurance • long and short-term disability insurance • life insurance • 401k program with company match • open PTO plan