SME-Cloud Security, Expert, Bethesda

Title: SME--Cloud Security, Expert

Location: On-site Bethesda, MD

·       Job Type: Full-time (40 hours per week) with benefits.

·       Availability: immediate.

·       Security Clearance: TS/SCI with FS Polygraph.

·       Years of SCA Experience:

o   4 Years with a PhD

o   6 Years with a master’s degree

o   8 years with a BS degree

Job Description

Cloud Security SME (ISSE/ISSO)

 

•       A successful candidate will work with others on the program security team to provide for all aspects of security including but not limited to the following:

•       Work with others on the program security team to provide for all aspects of security including but not limited to the following Activities:

•       Provide expert-level knowledge, both in context and execution, with the Risk Management Framework to support a NIST SP 800-53 HHM systems through the A&A process.

•       Construct thorough and complete security documentation to include, but not limited to, System Security Plans (SSPs), Plans of Actions and Milestones (POA&Ms), and any other artifacts to support the Body of Evidence (BOE) for the sponsor's approval.

•       Identify security controls and work with engineering, development, and testing staff to construct proper test plans and procedures.

•       Implement security audit reviews, verifying that the audit records are collected and reviewed.

•       Coordinate all security testing exercises, working with external assessment teams and technical staff.

•       Configure and support various AWS services to protect the security posture of the system

 

EDUCATION/EXPERIENCE:

•   Education: Bachelors (Computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline)

 

Desired Skills:

•       Demonstrated strong technical skills and analytic abilities, as well as experience performing system security analysis and risk management.

•       Demonstrated experience with security in the Amazon Web Services environment.

•       Demonstrated experience performing complex technical tasks in pursuit of overall goals with minimal direction.

•       Demonstrated experience in translating an understanding of systems and applications into security test plans and performing hands-on security testing.

•       Demonstrated knowledge of risk management methodologies.

•       Demonstrated experience in analyzing test results and suggesting mitigations for security problems.

•       Demonstrated technical experiences with system configuration, development, and design, specifically in enterprise systems and hypervisors.

•       Demonstrated experience with Linux and virtual platforms.

•       Documented working experience with public and private information security groups and organizations.

•       Possesses experience with communicating vulnerability results and risk posture to senior executives.

Possess a broad knowledge of Information Security policies and guidance, as well as the ability to assist in researching, evaluating, and developing relevant security policies and guidance.