FedRAMP Cloud Cybersecurity Analyst with Security Clearance
Company: ASRC Federal
Location: Quantico
Posted on: April 15, 2024
|
|
Job Description:
OVERVIEW:--- DCSA requires Cybersecurity Cloud support to
maintain IT infrastructure, applications, and any new development
projects in the cloudAs such, technical analysis, research,
evaluation, and technical guidelines shall be performed to
accomplish the needed supportThe workload for the Cybersecurity
Analyst will vary depending on the number of active developments
including Federal Risk and Authorization Management Program
(FedRAMP) and Risk Management Framework (RMF) governance tier level
as well as other technical evaluations required by DCSAJOB
DUTIES:--- Prior support of FedRAMP activities for cloud hosted
systems such as eMASS Package (ex: Readiness Assessment Report
(RAR), System Security Plan (SSP), Plan of actions & Milestones
(POA&M), etc.--- Review, Audit, and validate compliance of DCSA
systems Secure Cloud Computing Architecture (SCCA) to ensure cloud
systems connections to the Boundary CAP (BCAP) and Virtual
Datacenter Security Stack (VDSS) are implemented in accordance with
the cloud Security Requirements Guide (SRG) including support for
the internal implementation of the Visual Data Management System
(VDMS) solutions internally.--- Perform periodic cyber security
control assessments of IT cloud systems, identify potential risks
and gaps, and make recommendations and implement cloud security
improvements based on industry standards and best practices.---
Perform Cyber Security Impact Assessments and Risk Assessments for
new and existing cloud systems, determine security posture and
viability for organizational use, and make recommendations for
cloud security architectures and controls.--- Provide support for
the internal Information Security Continuous Monitoring Program for
authorization to operate and ongoing authorization approvals for
cloud-based IT systems.--- Experience working with Third Party
Assessment Organizations (3PAO)--- Participation with the DISA
Cloud Joint Verification Team (JVT) Team--- Assist the Product
Managers (PMs) and/or Program Management Office (PMO) with cyber
security audits and assessments of cloud systems including
programmatic reviews and management of corrective action plans.---
Participated in reviews of Information System Agreement (ISA) /
Memorandum of Agreement (MOA), Whitelisting, etc.--- Worked with
the solution engineers to identify best practices and methods
required by the FedRAMP PMO to configure and operate within the
NIST SP 800 series of controls.--- Assist with non-cloud systems
authorization efforts utilizing the Risk Management Framework
(RMF).--- Demonstrated experience with research and analysis of
Commercial-Off-The-Shelf (COTS) and Government-Off-The-Shelf (GOTS)
and IA-enabled products as part of the security architecture and
ensure products are National Security Telecommunications and
Information Systems Security Policy Number 11 (NSTISSP-11)
compliant and validated via the NIAP Common Criteria Evaluation and
Validation Scheme or NIST Federal Information Processing Standards
(FIPS) Cryptographic Module Validation Program (CMVP)WORK
ENVIROMENT:--- Hybrid work schedule available dependent on work
demandsBASIC QUALIFICATIONS:--- At least three (3) Years of Cloud
Cybersecurity experience.--- Be able to maintain TS/SCI clearance
and access to require to DoD systems including NIPRNet, SIPRNet,
and JWICS.--- Knowledge of Federal/DoD IT and Cloud security
policies, IT configuration tools, Network Security, and other
applicable Cybersecurity Policies.--- Understanding and familiarity
with cloud architectures (e.g., SaaS, PaaS, IaaS), common
commercial cloud systems (e.g., AWS, Microsoft 365, etc.) as well
as specific DOD cloud architecture BCAP, ICAP, SCCA, cloud security
solutions (e.g., Cloud Access Security Broker, Multi-factor
Authentication, Zero Trust Architecture).--- Understanding of DOD
cyber security standards and methodologies including NIST 800-53
Cyber Security Controls, the FedRAMP, the DODI 8510.01 RMF, FISMA,
and NIST 800-37 Risk Management.--- Excellent communication
(written and oral) and interpersonal skillsEDUCATION:--- At least
an Associates Bachelor's Degree, in Cybersecurity, and/or
Information Systems Management--- Bachelor's Degree, in
Cybersecurity, and/or Information Systems Management preferred
CERTIFICATION(s):--- Required to have a cloud certification and
DD8140/DoD8570.01-M IASAE level I or IAM level II or IAT level II
at time of onboarding.--- Cloud certifications preferredCLEARANCE
LEVEL:--- Active TS with the ability to obtain a SCI Clearance
Keywords: ASRC Federal, Burke , FedRAMP Cloud Cybersecurity Analyst with Security Clearance, Professions , Quantico, Virginia
Click
here to apply!
|