System One Holdings, LLC
Cloud Cyber Security Technical Specialist (Secret Clearance)
System One Holdings, LLC, Aberdeen Proving Ground, Maryland, United States,
Cloud Cyber Security Technical Specialist Aberdeen Proving Ground - Onsite Secret clearance is required to start Must hold a DoD 8570 IAT Level III certification such as CISSP, CASP+ CE, or CISA. Must hold a Microsoft Certified Azure Administrator Associate (AZ104) certification or higher. Qualifications: •3+ years experience cyber security and information assurance. •Bachelor's degree in a related field. •Must hold a DoD 8570 IAT Level III certification such as CISSP, CASP+ CE, or CISA. •Must hold a Microsoft Certified Azure Administrator Associate (AZ104) certification or higher. •Proficient with cyber security/IT tools such as ACAS, HBSS/ESS, and eMASS. •Familiar with DISA Security Technical Implementation Guides (STIGs). •Knowledge and understanding of NIST 800 series framework, including the Risk Management Framework Process. •Experience in information security, including technical assessment of IT security controls and devices for networks, applications, and systems, particularly cloud-based applications and services in Microsoft Azure. •Experience performing IT audit, IT compliance, enterprise risk management, creating/updating/implementing policy, security scanning, providing security-related technical guidance, and hardening devices. •Able to act as a subject matter expert in evaluating technical risks, understanding how changes in system configuration and/or network architecture affect a system's security posture and risk profile, and evaluating and applying technical cybersecurity measures of IT systems and networks at the enclave level. •Experience implementing cyber security controls and countermeasures in cloud environments, specifically Microsoft Azure. Major Duties & Responsibilities: •Ensure the security of Azure cloud-based applications by performing scan and patch management, cyber security planning and policy management, cyber auditing, configuration management, Risk Management Framework (RMF) Authorization Management, and DevSecOps. •Support the ISSM-O in the creation and maintenance of all required policies, procedures, diagrams, hardware/software listings, and all other necessary artifacts required to obtain and maintain the ATO. •Support cyber security tasks including: scan and patch management; planning and policy management; auditing; configuration management; RMF Authorization Management; DevSecOps; incident response; vulnerability scanning; STIG compliance checking; HBSS/Endpoint Security Solution; network access control; and POA&M creation.#M2