eMentum

  • Cloud Security Specialist

    Job Location US-Washington DC
    Posted Date 4 months ago (1/9/2018 2:15 PM)
  • Overview

    eMentum, Inc, a Woman-Owned Small Business specializing in Cybersecurity Solutions and Program Management Consulting, is seeking an experienced Cloud Security Specialist to join our team. The successful candidate will be able to apply their experience with the FedRAMP process and NIST guidance, especially the Risk Management Framework (RMF), to obtain Authority to Operate (ATO) for a Platform as a Service environment and applications built for the platform.

     

    Successful completion of government background investigation required.    

     

    Local Washington, DC Metro area candidates only, please.

     

    eMentum values Diversity and is an Equal Opportunity Employer (M/F/V/D)

    Responsibilities

    eMentum implements Assessment & Authorization (A&A) processes as defined by NIST guidelines, prescribing evaluation of security controls, thereby supporting clients in determining their overall security posture and effectiveness. Our Cloud Security Specialist will:

    • Apply the RMF to identify risks and perform the implementation and subsequent assessment of security controls as defined by NIST SP800-53A
    • Follow FIPS 199 guidelines and evaluate the security impact values for confidentiality, integrity, and availability throughout the design and construction project iterations/phases
    • Assess the extent to which security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system(s)
    • Develop determinations of risk, perform remediation, and follow all security policies and procedures to provide comprehensive support for ATO, resulting in the timely delivery of secure business solutions
    • Enable confidentiality, integrity, availability, and accountability by employing proven security controls according to the risk-based management process and the NIST SP800-37 framework
    • Support all FDA accreditation requirements by working closely with the client's Security and Operations staff to develop key security documentation (System Security Plans (SSP), Security Assessment Plans, Risk Assessments, Contingency Plans, COOP (DR) Plans, Privacy Impact Assessments, Plans of Action and Milestones (POA&M), etc.)
    • Provide subject matter expertise to support granting and maintenance of ATO.

    Qualifications

    • Experience with applying RMF, FedRAMP, and associated guidance in a Platform as a Service environment
    • Ability to coordinate with security officials and business owners to identify and mitigate risks to go-live and ATO target dates
    • Ability to work autonomously
    • Ability to initiate, organize, prioritize, and manage simultaneous tasks to meet delivery timelines for multiple projects
    • Experience using the full suite of Microsoft Office tools
    • Ability to meet deadlines, which are subject to change and frequently have short time constraints
    • Strong attention to detail coupled with excellent follow-up capabilities

     

    Education and/or Experience:

    • BA/BS in Cybersecurity or Computer Science
    • 5 years of experience securing federal cloud solutions
    • Familiarity with NIST, OMB, and FDA/HHS IT and cyber security guidance, HIPAA, Privacy Act, and related requirements

     

    Differentiators:

    • Experience with securing Salesforce or Appian
    • Experience with securing hybrid cloud solutions
    • FDA/HHS experience
    • Experience with HIPAA and Privacy Act
    • Security certifications
