Tech Stack

Description

You will play a critical role in ensuring the security and integrity of Cloud-focused Information Systems and data by implementing security controls, conducting risk assessments, and ensuring compliance with regulations. You'll work closely with stakeholders to identify vulnerabilities, develop security policies, and support continuous monitoring activities. This position requires technical expertise in cloud security and risk management to help improve the organization's overall security posture.

Requirements

• Relevant Associate or Bachelor’s Degree OR, supporting certifications and relevant job or military experience of 4 years in lieu of degree
• 2 years executing computer security principles and managing cyber risk following RMF, JSIG, or ICD-503
• Experience implementing security practices in cloud environments (AWS, Azure, OCI, or equivalent)
• 3 years implementing security policies for an enterprise/organization
• Experience reviewing security documentation and/or conducting vulnerability assessments
• Compliance with DoD Directive 8140, or any successor directives as applicable to their roles, through the duration of the contract which can also include 8570 IAT Level 1 (e.g. Sec+ or higher)
• Active Top-Secret Clearance, preferred with SCI eligibility
• Must be willing to undergo a polygraph examination if necessary

Responsibilities

• Work in close collaboration with a team of ISSOs and ISSEs to support critical Information Systems and data
• Ensure systems are operated and maintained in accordance with security policies and procedures
• Conduct security assessments and risk analyses to identify vulnerabilities and recommend mitigation strategies
• Develop and implement security policies and procedures to ensure compliance with relevant regulations
• Conduct periodic reviews of Information Systems to ensure compliance with security authorization packages
• Coordinate with systems administrators to perform system scans for Assessment Authorization and continuous monitoring
• Perform compliance audits, participate in incident handling, and lead investigations into security anomalies
• Review audit logs and continuous monitoring tools to identify anomalies, hacking attempts, or insider threats
• Collaborate with stakeholders to ensure the security and integrity of information systems and data