FedRAMP Cloud Cybersecurity Analyst (Primarily Remote)

  • Hanover, MD
  • Posted 13 days ago | Updated 4 hours ago

Overview

Remote
On Site
Full Time

Skills

Amazon Web Services
Cloud architecture
Program management office
NIST SP 800 Series
Risk management framework
Multi-factor authentication
IT management
Cloud security
System security
Data management
Cyber security
Risk assessment
Information security
Continuous monitoring
Corrective and preventive action
Microsoft Office
Information Technology
Security+
FedRAMP
Cloud computing
Telecommuting
Regulatory Compliance
Management
Authorization
eMASS
Reporting
RAR
SSP
Auditing
IMPACT
PMO
RMF
SaaS
PaaS
IaaS
DoD
Onboarding
GSLC
Customer engagement
Security clearance
Internet
English

Job Details

This is primarily a telework position with a requirement to be onsite at least one (1) day a week in Hanover, MD.

As a FedRAMP Cloud Security Analyst you will play a crucial role in ensuring the security and compliance of the programs under the DCSA Program Executive Office (PEO). You will be responsible for managing the Federal Risk and Authorization Management Program (FedRAMP) support for Amazon Web Services (AWS) based cloud systems.

BASIC QUALIFICATIONS

Candidates should demonstrate a detailed knowledge of the following:
  • Prior support of FedRAMP activities for cloud-hosted systems, such as the eMASS package (e.g., Readiness Assessment Report (RAR), System Security Plan (SSP), Plan of Action & Milestones (POA&M), etc.)
  • Review, audit, and validate compliance of DCSA systems' Secure Cloud Computing Architecture (SCCA) to ensure cloud system connections to the Boundary CAP (BCAP) and Virtual Datacenter Security Stack (VDSS) are implemented in accordance with the cloud Security Requirements Guide (SRG), including support for the internal implementation of the Visual Data Management System (VDMS) solutions.
  • Perform periodic cyber security control assessments of IT cloud systems, identify potential risks and gaps, and make recommendations and implement cloud security improvements based on industry standards and best practices.
  • Perform Cyber Security Impact Assessments and Risk Assessments for new and existing cloud systems, determine security posture and viability for organizational use, and make recommendations for cloud security architectures and controls.
  • Provide support for the internal Information Security Continuous Monitoring Program for authorization to operate and ongoing authorization approvals for cloud-based IT systems.
  • Experience working with Third Party Assessment Organizations (3PAO)
  • Participation with the DISA Cloud Joint Verification Team (JVT)
  • Assist the Product Managers (PMs) and/or Program Management Office (PMO) with cyber security audits and assessments of cloud systems including programmatic reviews and management of corrective action plans.
  • Participated in reviews of Information System Agreement (ISA) / Memorandum of Agreement (MOA), listing, etc.
  • Worked with the solution engineers to identify best practices and methods required by the FedRAMP PMO to configure and operate within the NIST SP 800 series of controls.
  • Assist with non-cloud systems authorization efforts utilizing the Risk Management Framework (RMF).
  • Understanding of and familiarity with cloud architectures (e.g., SaaS, PaaS, IaaS), common commercial cloud systems (e.g., AWS, Microsoft 365, etc.), specific DoD cloud architectures (BCAP, ICAP, SCCA), and cloud security solutions (e.g., Cloud Access Security Broker, Multi-factor Authentication, Zero Trust Architecture).

Responsibilities

YEARS EXPERIENCE:

At least two (2) years relevant Cloud Security experience.

EDUCATION REQUIREMENTS:

Bachelor's Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology.

CERTIFICATION(S):

DoDM 8140/DoDM 8570.01-M IAM Level I requirements prior to onboarding (e.g., CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP, or higher-level certification).

Multiple cloud certifications preferred.

CLEARANCE LEVEL:

Active Secret required and eligibility for TS.

WORK ENVIRONMENT AND PHYSICAL DEMANDS:

This is primarily a telework position with a requirement to be onsite at least one (1) day a week.

If the alternate worksite is other than DCSA facilities or corporate office space, the candidate must be able to communicate reliably by voice (cell phone preferred) and have a stable, capable internet connection.

Must speak English well enough to communicate complex technical ideas to diverse customers, both verbally and in written form.