Responsibilities

Lead rapid assessment teams to identify gaps, risks and remediations for information system 
Identify FedRAMP Boundary components in customer deployments 
Coordinate with internal stakeholder engineering teams to demonstrate the implementation of security compliance control per technical, management, and operational requirements 
Perform vulnerability and compliance scanning, analyze results, provide assessments and reviews 
Audit security control to ensure compliance with cloud requirements and governance models 
Support the development of technical material, operational processes, security policies, and other core documents  
Manage compliance metrics

Write proposals demonstrating a sound understanding of basic contract language 
Manage program for Plans of Action and Milestones (POA&Ms) 
Coordinate and manage onsite assessments with external stakeholder 
Interview subject matter experts and using knowledge to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures 
Produce and edit technical drawings using MS Visio and similar design tools 
Clearly document client deliverable that specifies a framework of policies and procedures that include all legal, physical, and technical controls involved in an organization’s risk management

Requirements

Bachelor's degree from an accredited university in English, Business Writing, Business Administration, etc. 
DHS Continuous Monitoring Program Education preferred 
Five years minimum writing technical documentation demonstrating knowledge of Cloud and Security concepts 
Five years minimum experience with NIST SP 800 Series, FedRAMP and FISMA and NIST SP 800-171  
Five years minimum writing, editing, and/or managing a wide variety of IT security documentation and familiarity with federal IT standards such as Federal Information Security Management Act (FISMA)  
Five years minimum working with NIST SP 800 Series, FedRAMP and FISMA, ISO27001, and NIST SP 800-171  
Three years minimum with cloud data security (FISMA/FedRAMP compliance) and working with public cloud solutions (AWS, Google, and Azure)  
Three years minimum interviewing subject matter experts and using knowledge to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.

Three years minimum producing and editing technical drawings using MS Visio or similar design 
Knowledge of Control Objectives for Information and Related Technologies (COBIT) framework  
Authorized to work in the United States without the need for visa sponsorship now or in the future 
Position is restricted to clearance requirements and must have performed FedRAMP Advisory or Assessment as a 3PAO
Excellent verbal and written communication skills 
Ability to articulate complex information to both technical and non-technical audiences  
Team player that clearly and proactively communicates with internal and external stakeholders  
Ability to prioritize work to deliver on multiple projects simultaneously