ALTA IT Services
Cloud Cyber Security Technical Specialist (Secret Clearance)
ALTA IT Services, Aberdeen Proving Ground, MD, United States
Cloud Cyber Security Technical Specialist
If you would like to know a bit more about this opportunity, or are considering applying, then please read the following job information.
Aberdeen Proving Ground - Onsite
Secret clearance is required to start
Must hold a DoD 8570 IAT Level III certification such as CISSP, CASP+ CE, or CISA.
Must hold a Microsoft Certified Azure Administrator Associate (AZ104) certification or higher.
Qualifications:
- 3+ years experience cyber security and information assurance.
- Bachelor's degree in a related field.
- Must hold a DoD 8570 IAT Level III certification such as CISSP, CASP+ CE, or CISA.
- Must hold a Microsoft Certified Azure Administrator Associate (AZ104) certification or higher.
- Proficient with cyber security/IT tools such as ACAS, HBSS/ESS, and eMASS.
- Familiar with DISA Security Technical Implementation Guides (STIGs).
- Knowledge and understanding of NIST 800 series framework, including the Risk Management Framework Process.
- Experience in information security, including technical assessment of IT security controls and devices for networks, applications, and systems, particularly cloud-based applications and services in Microsoft Azure.
- Experience performing IT audit, IT compliance, enterprise risk management, creating/updating/implementing policy, security scanning, providing security-related technical guidance, and hardening devices.
- Able to act as a subject matter expert in evaluating technical risks, understanding how changes in system configuration and/or network architecture affect a system's security posture and risk profile, and evaluating and applying technical cybersecurity measures of IT systems and networks at the enclave level.
- Experience implementing cyber security controls and countermeasures in cloud environments, specifically Microsoft Azure.
Major Duties & Responsibilities:
- Ensure the security of Azure cloud-based applications by performing scan and patch management, cyber security planning and policy management, cyber auditing, configuration management, Risk Management Framework (RMF) Authorization Management, and DevSecOps.
- Support the ISSM-O in the creation and maintenance of all required policies, procedures, diagrams, hardware/software listings, and all other necessary artifacts required to obtain and maintain the ATO.
- Support cyber security tasks including: scan and patch management; planning and policy management; auditing; configuration management; RMF Authorization Management; DevSecOps; incident response; vulnerability scanning; STIG compliance checking; HBSS/Endpoint Security Solution; network access control; and POA&M creation.
#M2