Опубликовано в: Телекоммуникации в Пенсильвания | Размещено: |
Job Description
Location: Herndon, VA 20171 (1 day a week)
Employment Type: FTE + Benefits
Remote: 4 days a week
Client is supporting the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications into various cloud environments. This effort requires security assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities.
Analysis of vulnerability scans
Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance, and patching, Cyber Security Vulnerability Assessments (CSVA) mechanisms.
Demonstrate familiarity with current FedRAMP and NIST Security controls and technologies, including vulnerability management capabilities.
Understand enterprise operating environments, including security posture, application environment, and associated security controls
Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
Gather information, architecture diagrams and implementation of the security controls through interfacing with the security engineering, operations and build teams
Develop security documentation input of technical control implementation
Understand the intent of the FedRAMP moderate security controls, FISMA security controls and communicate as needed
Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of security engineering, build and operations teams through training and mock interviews, update implementation language in the security documentation and develop processes as required, and support FedRAMP PMO/ Agency / CISO requests
Ability to respond effectively to customer’s concerns regarding ConMon activities