Today
Secret
Mid Level Career (5+ yrs experience)
$125,000 - $150,000
Engineering - Systems
Cloud Computing Specialist SME
Location: Remote
Work Type: Full Time
Job Description
Serves as an Information Assurance and Cloud computing SME with regards to Certification and Accreditation (C&A) and a broad coverage of the application of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) standards and guidance as outlined in the NIST Special Publication(s) (SP) 800-53 and 800-37 (Current versions).
Primary Duties and Responsibilities
Google Cloud Platform (GCP) Service Management
The CCS shall maintain current certification as a Certified Cloud Security Professional. Possesses the ability to work independently with substantial cloud computing security knowledge.
The assessor must have the essential skillsets to identify, manage and resolve cloud computing security risk and implement “best practices” as applied within a cloud environment (across all of the different deployment and service models, and derivatives).
Other Duties and Responsibilities
Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems.
Defines security objectives and system-level performance requirements.
Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities.
Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses.
Maintains the computer and information security incident, damage and threat assessment programs.
Responsible for the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
Involved in the periodic conduct of a review of each system’s audits and monitors corrective actions until all actions are closed.
Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected.
Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and
accreditation of systems.
Reviews processes and security protocols and makes recommendations for increased cyber security protection.
Minimum Qualifications
Bachelor’s Degree in Computer Science or a related field.
The CCS must be well versed in FedRAMP assessment methodology of security and privacy controls deployed in cloud information systems to include six (6) domain areas. The six domains include:
Architectural Concepts & Design Requirements
Cloud Data Security
Cloud Platform & Infrastructure Security
Cloud Application Security
Operations
Legal & Compliance Minimum Qualifications:
Five (5) years of relevant C&A experience; Risk Management Framework (RMF) and NIST C&A experience
DOD IA experience
Experience in assessing IA Controls and conducting C&A reviews for large, complex Information systems
Security Clearance
Active Secret level clearance
Sensitivity Level: IT-I Critical Sensitive
Certifications:
Computing Environment: IAT II or IAT III (Security+ or similar)
01-M Baseline Certification: One of the following Azure or AWS cloud-based certification per DLA Approved CE list
AWS Certified Security – Specialty
AWS Certified Solutions Architect – Associate AWS Certified Solutions Architect – Professional Microsoft Certified: Azure Administrator Associate
Microsoft Certified: Azure Solutions Architect Expert Microsoft Certified Azure Security Engineer Associate
Other Job Specific Skills
Must be able to communicate effectively and clearly present technical approaches and findings.
Exercises a limited degree of latitude in determining technical objectives of assignments.
Excellent attention to detail.
Must be able to balance multiple tasks simultaneously.
Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.
Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Compensation and Benefits
Salary Range: $132,000-$142,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)
Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs.
Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.
Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.
Location: Remote
Work Type: Full Time
Job Description
Serves as an Information Assurance and Cloud computing SME with regards to Certification and Accreditation (C&A) and a broad coverage of the application of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) standards and guidance as outlined in the NIST Special Publication(s) (SP) 800-53 and 800-37 (Current versions).
Primary Duties and Responsibilities
Google Cloud Platform (GCP) Service Management
The CCS shall maintain current certification as a Certified Cloud Security Professional. Possesses the ability to work independently with substantial cloud computing security knowledge.
The assessor must have the essential skillsets to identify, manage and resolve cloud computing security risk and implement “best practices” as applied within a cloud environment (across all of the different deployment and service models, and derivatives).
Other Duties and Responsibilities
Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems.
Defines security objectives and system-level performance requirements.
Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities.
Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses.
Maintains the computer and information security incident, damage and threat assessment programs.
Responsible for the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
Involved in the periodic conduct of a review of each system’s audits and monitors corrective actions until all actions are closed.
Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected.
Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and
accreditation of systems.
Reviews processes and security protocols and makes recommendations for increased cyber security protection.
Minimum Qualifications
Bachelor’s Degree in Computer Science or a related field.
The CCS must be well versed in FedRAMP assessment methodology of security and privacy controls deployed in cloud information systems to include six (6) domain areas. The six domains include:
Architectural Concepts & Design Requirements
Cloud Data Security
Cloud Platform & Infrastructure Security
Cloud Application Security
Operations
Legal & Compliance Minimum Qualifications:
Five (5) years of relevant C&A experience; Risk Management Framework (RMF) and NIST C&A experience
DOD IA experience
Experience in assessing IA Controls and conducting C&A reviews for large, complex Information systems
Security Clearance
Active Secret level clearance
Sensitivity Level: IT-I Critical Sensitive
Certifications:
Computing Environment: IAT II or IAT III (Security+ or similar)
01-M Baseline Certification: One of the following Azure or AWS cloud-based certification per DLA Approved CE list
AWS Certified Security – Specialty
AWS Certified Solutions Architect – Associate AWS Certified Solutions Architect – Professional Microsoft Certified: Azure Administrator Associate
Microsoft Certified: Azure Solutions Architect Expert Microsoft Certified Azure Security Engineer Associate
Other Job Specific Skills
Must be able to communicate effectively and clearly present technical approaches and findings.
Exercises a limited degree of latitude in determining technical objectives of assignments.
Excellent attention to detail.
Must be able to balance multiple tasks simultaneously.
Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.
Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Compensation and Benefits
Salary Range: $132,000-$142,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)
Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs.
Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.
Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.
group id: 91017793
