Entrusted by companies with challenging Cybersecurity and IT data management recruiting needs, Flex Staffing Resources identifies exceptional talent and cutting edge companies and brings them together.
Location of Services: Herndon, VA 20171 (1 day a week)
Employment Type: FTE + Benefits
Remote: 80% (4 days a week)
Client supports the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications into various cloud environments. This effort requires security testing/assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities. This position is majority remote (post-pandemic).
This role serves as a “hands-on” senior-level technical security analyst responsible for interfacing with operations and security engineering teams on security issues and information gathering and documenting their implementation in the SSP.
Additionally, this role will assist with the security assessments and continuous monitoring of evidence for any of the clients environments (corporate, commercial regulated, FedRAMP, DOD and International).
GENERAL RESPONSIBILITIES:
- Configuration, Execution and Analysis of vulnerability scans
- Ability to interpret and assess network diagrams and drawings using Visio.
- Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance, patching, and Cybersecurity Vulnerability Assessments (CSVA) mechanisms.
- Demonstrate familiarity with current FedRAMP, DOD and NIST Security controls and technologies, including vulnerability management capabilities.
- Understand enterprise operating environments, including security posture, application environment, and associated security controls.
-
Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
-
Gather information, architecture diagrams and implementation of the security controls through interfacing with the security engineering, and operations and build teams.
- Develop security documentation input of technical control implementation
- Understand the intent of the FedRAMP moderate security controls, FISMA security controls and communicate as needed
- Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of security engineering, build and operations teams through training and mock interviews, update implementation language in the security documentation and develop processes as required, and support FedRAMP PMO/ Agency / CISO requests
- Ability to respond effectively to customer’s concerns regarding ConMon activities
Qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity, disability or protected veteran status.