Steampunk.com
Cloud Security SME
Steampunk.com, Mc Lean, Virginia, us, 22107
Overview
Design. Disrupt. Repeat.
Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is the explosive collision of human-centered design and traditional government contracting. We are an employee-owned company with a startup mindset and time-tested approaches tailored for the federal government. We’re passionate about creating solutions that are impactful, practical, and scalable while meeting our clients’ ever-changing needs. We believe in empowering our people to find creative solutions to intractable problems. We believe the best environment in which to grow and thrive is outside our comfort zone. We believe that while good design makes for a good product, human-centered design makes for an excellent one.
Steampunk isseeking a
Cloud Security
SME
withyears of experienceleveragingfederal regulatoryand health scienceexpertiseto advance the adoption of secure cloud implementations for our federal customers. The primary responsibilities for the position are to support all activities that architect secure cloud implementations, support documentation and control implementation for security authorizations (ATOs), and advocate and implement security best practices toreducetheorganization’s level of riskwhen migrating to orleveragingthe cloud.The nature of the work requires that the candidate demonstrate initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast-paced, fluid business environment.The candidate must be able to communicate effectively and decisively with all levels of the organization,be able to solvecomplexproblems, and exercise sound judgement with regards to sensitive and confidentialinformation.
Contributions
Asa
Cloud Security
SME
,you'llplay a crucial role in securing an organization's information systems and data, particularly in federal government agencies where data security and compliance are paramount. Your contributions will encompass a wide range of responsibilities and activities aimed at safeguarding sensitive information,complying withregulations, and mitigating cybersecurity risks.
Identifyand implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy
Understanding the needs of stakeholders andoptimizingsolutions that marry security with usability
Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate
Ensure that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g.NIST, ISO 27011, HIPPA, FISMA, etc.)
Automate security processes such as vulnerability management and patch management
Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit
Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
Review and assess the security architecture of new systems, applications, and technologies toidentifyand mitigate potential risks.
Lead in the design and development of tools that automate compliance activities.
Recommendappropriate mitigationmeasures and advise on proper design trade-offs in terms of potential impacts and cost benefits.
Proactively create,monitorand update the status of POA&Ms to ensure weaknesses are resolved in accordancetotheir scheduled completion dates.
Review and update security authorization documents as needed, but at leastannually;
Perform system self-assessments as part of the customer's Ongoing Authorizationprogram;
Provideaudit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit).
Participate in DevOps Sec (security integrated into Agile processes) requirements for assignedsystems.
EnsureCM processes are followed to ensure thatanychanges do not introduce new security risks.
Qualifications
Required:
Ability to obtain a U.S. government Security Clearance
BS Degree in an IT field OR BS in a non-IT field and8years related IT experience
8 Years of Experience supportingInformationAssurance or CloudSecurity programs
5 Years of Experience architecting, designing, developing, and implementing cloud solutions
5 Years of Experience with one or more clouds (i.e.AWS, Azure, or GCP)
5 Years of Experience with systems development in an Agile environment
3Years of Experience providing conducting monitoring, risk assessment, threat modeling and security testing in cloud environments
3 Years of Experience documenting POAMs, SSPs, and A&A support documentation
Must possessainformation security certification
Excellent written and verbal communication skills, interpersonal and collaborative skills
Experience with documenting an as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations preferred
Extensive specialized knowledge of cloud engineering or application and design
Specialized knowledgeand experience in:
Evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines Knowledge and experience with the vulnerability scanning execution, assessment, and analysis
Evaluating operating system and network engineering (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
Evaluatingapplication security, database security, and network security
Supportingvulnerability scanning, assessment, and analysis
Leveragingfederalinformation securityregulation, standards,assurance principles (e.g., Defense-in-depth) and associated supporting technologies
Hands-on experience with AWS and Azure
Preferred:
Able to commute to limited in person activities in the Washington, DC Metro area
Ability topossessa certification inat least two of the four CSPs: AWS, Azure, GCP, or OCI
Hands-on experience with GCP and OCI
About
steampunk
Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $130,000 to $190,000. The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here.
Steampunk is a
Change Agent
in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our
Human-Centered delivery methodology
, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an
employee owned company
, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com .
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.
Refer a Friend (https://careers-steampunk.icims.com/jobs/5935/cloud-security-sme/job?mode=apply&apply=yes&in_iframe=1&hashed=-336029103)
Need help finding the right job?
We can recommend jobs specifically for you!
Job Location
US-VA-McLean
Posted Date
3 weeks ago
(12/17/2024 9:47 AM)
Job ID
5935
Clearance Requirement
Public Trust
Design. Disrupt. Repeat.
Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is the explosive collision of human-centered design and traditional government contracting. We are an employee-owned company with a startup mindset and time-tested approaches tailored for the federal government. We’re passionate about creating solutions that are impactful, practical, and scalable while meeting our clients’ ever-changing needs. We believe in empowering our people to find creative solutions to intractable problems. We believe the best environment in which to grow and thrive is outside our comfort zone. We believe that while good design makes for a good product, human-centered design makes for an excellent one.
Steampunk isseeking a
Cloud Security
SME
withyears of experienceleveragingfederal regulatoryand health scienceexpertiseto advance the adoption of secure cloud implementations for our federal customers. The primary responsibilities for the position are to support all activities that architect secure cloud implementations, support documentation and control implementation for security authorizations (ATOs), and advocate and implement security best practices toreducetheorganization’s level of riskwhen migrating to orleveragingthe cloud.The nature of the work requires that the candidate demonstrate initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast-paced, fluid business environment.The candidate must be able to communicate effectively and decisively with all levels of the organization,be able to solvecomplexproblems, and exercise sound judgement with regards to sensitive and confidentialinformation.
Contributions
Asa
Cloud Security
SME
,you'llplay a crucial role in securing an organization's information systems and data, particularly in federal government agencies where data security and compliance are paramount. Your contributions will encompass a wide range of responsibilities and activities aimed at safeguarding sensitive information,complying withregulations, and mitigating cybersecurity risks.
Identifyand implement the most secure cloud-based solutions for the customer including components for zero-trust architectures, identity and access management policy, and data privacy
Understanding the needs of stakeholders andoptimizingsolutions that marry security with usability
Monitor cloud environments for suspicious activities with cloud native monitoring or SIEM solutions and investigate security incidents where appropriate
Ensure that systems are safe and secure against cybersecurity threats through risk assessment, threat modeling, and compliance with industry standards (e.g.NIST, ISO 27011, HIPPA, FISMA, etc.)
Automate security processes such as vulnerability management and patch management
Ensure effective design and implementation of data protection and encryption mechanisms for data at rest and in transit
Document as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations
Review and assess the security architecture of new systems, applications, and technologies toidentifyand mitigate potential risks.
Lead in the design and development of tools that automate compliance activities.
Recommendappropriate mitigationmeasures and advise on proper design trade-offs in terms of potential impacts and cost benefits.
Proactively create,monitorand update the status of POA&Ms to ensure weaknesses are resolved in accordancetotheir scheduled completion dates.
Review and update security authorization documents as needed, but at leastannually;
Perform system self-assessments as part of the customer's Ongoing Authorizationprogram;
Provideaudit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit).
Participate in DevOps Sec (security integrated into Agile processes) requirements for assignedsystems.
EnsureCM processes are followed to ensure thatanychanges do not introduce new security risks.
Qualifications
Required:
Ability to obtain a U.S. government Security Clearance
BS Degree in an IT field OR BS in a non-IT field and8years related IT experience
8 Years of Experience supportingInformationAssurance or CloudSecurity programs
5 Years of Experience architecting, designing, developing, and implementing cloud solutions
5 Years of Experience with one or more clouds (i.e.AWS, Azure, or GCP)
5 Years of Experience with systems development in an Agile environment
3Years of Experience providing conducting monitoring, risk assessment, threat modeling and security testing in cloud environments
3 Years of Experience documenting POAMs, SSPs, and A&A support documentation
Must possessainformation security certification
Excellent written and verbal communication skills, interpersonal and collaborative skills
Experience with documenting an as-is state of the environment, perform a gap analysis, and produce artifacts that articulate options and recommendations preferred
Extensive specialized knowledge of cloud engineering or application and design
Specialized knowledgeand experience in:
Evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines Knowledge and experience with the vulnerability scanning execution, assessment, and analysis
Evaluating operating system and network engineering (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
Evaluatingapplication security, database security, and network security
Supportingvulnerability scanning, assessment, and analysis
Leveragingfederalinformation securityregulation, standards,assurance principles (e.g., Defense-in-depth) and associated supporting technologies
Hands-on experience with AWS and Azure
Preferred:
Able to commute to limited in person activities in the Washington, DC Metro area
Ability topossessa certification inat least two of the four CSPs: AWS, Azure, GCP, or OCI
Hands-on experience with GCP and OCI
About
steampunk
Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $130,000 to $190,000. The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here.
Steampunk is a
Change Agent
in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our
Human-Centered delivery methodology
, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an
employee owned company
, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com .
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.
Refer a Friend (https://careers-steampunk.icims.com/jobs/5935/cloud-security-sme/job?mode=apply&apply=yes&in_iframe=1&hashed=-336029103)
Need help finding the right job?
We can recommend jobs specifically for you!
Job Location
US-VA-McLean
Posted Date
3 weeks ago
(12/17/2024 9:47 AM)
Job ID
5935
Clearance Requirement
Public Trust