Gilder Search Group

FedRAMP Advisory

Gilder Search Group, Reston, Virginia, United States, 22090


SecureIT is a leading provider of cybersecurity, cloud and compliance advisory services. We are committed to quality and the relationships that we build with our clients.

At SecureIT, you will have the opportunity to work alongside industry experts, tackling complex challenges to educate, guide and protect our clients. We foster an environment of continuous learning, professional growth and collaboration. SecureIT offers an exciting and rewarding career path with an excellent benefits package.

We are currently hiring a Senior Consultant as part of our FedRAMP Advisory team.

What you’ll be doing:

- Serve as the technical security and compliance subject matter expert on FedRAMP advisory engagements
- Drive discussions with clients regarding key, complex, and technical FedRAMP areas (e.g., container security, boundary protection, FIPS 140-2 Validated encryption, phishing-resistant MFA, DNSSEC, and DMARC)
- Analyze system boundaries and advise clients in accordance with FedRAMP boundary guidance
- Provide technology-specific guidance and advice for commonly used cloud platforms (e.g., AWS, Azure, GCP, etc.) and technologies (e.g., Windows, Unix, Docker, Kubernetes, etc.)
- Explain FedRAMP-defined requirements and conventions (e.g., rules that are not formally documented but are widely accepted and enforced) and help cloud service providers apply them to specific environments
- Identify control gaps and provide comprehensive recommendations and guidance for client remediation, including technical solution and tool options for network protection; MFA; vulnerability scanning; configuration management; malware, intrusion, file integrity, and allow-list monitoring; log correlation and analysis (SIEM); etc.
- Advise clients on navigating FedRAMP’s authorization processes, including timelines and Continuous Monitoring (ConMon) expectations
- Perform quality assurance reviews of FedRAMP-required System Security Plans (SSP) and policies and procedure documentation, and develop technical content for a subset of the most complex controls and SSP Appendices (e.g., Cryptographic Modules Table)
- Help clients plan for, establish, and execute regular ConMon processes, and provide subject matter guidance on complex ConMon reporting issues, including risk acceptance requests, vulnerability downgrades, configuration deviations, etc.
- Train and mentor team members on FedRAMP requirements, cloud architectures, DevSecOps, and security tools and technologies

What you’ll bring to the table:

- 7-10+ years of progressive experience in technical security assessment/audit or advisory and/or security/cloud engineering with a compliance focus
- 5+ years’ experience as a FedRAMP assessor and/or advisor
- Bachelor’s degree in computer science, information systems or a related discipline
- Current knowledge of and experience with FedRAMP (rev. 5) requirements and expert-level knowledge of NIST 800-53 control families
- Extensive understanding of commonly used cloud providers, platforms, cloud technologies and security tools
- Proven skills as a professional services advisor, providing direction and input to diverse clients
- Effective communication skills, both interpersonal and written, for both deep-in-the-weeds technical matters and higher-level general concepts
- Flexibility to work independently or as a part of a larger team
- Demonstrated competence: general security certification (CISSP, CISA, GIAC GSNA, or CAP/CGRC), cloud certification (CCSP, CCSK, CCAK), and/or hyperscale cloud certifications (like AWS Solutions Architect – Professional or AWS Certified Security - Specialty)

Ready to Make an Impact?

Reach out today to join our dynamic team and contribute to meaningful work in the cybersecurity and compliance field!
