Cloud Security Compliance Analyst (3006-749)
Herndon, VA

Job Description

Smartronix Inc., a Premier Amazon Web Services Consulting Partner and Gold Microsoft partner, is currently seeking a Senior Information Assurance Specialist to support our Cloud Security & Compliance team responsible for the managed security services and information security maintenance of our customer's cloud-based infrastructures and solutions. The position supports regulatory compliance, including (but not limited to) the performance of system security analysis and vulnerability assessments and the determination of risk.

A qualified candidate must be familiar with DoD RMF, FedRAMP and FISMA and the relevant guidance issued by agencies and the National Institute of Standards and Technology (NIST) including: NIST Special Publication (SP) 800-37, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-30, and NIST SP 800-18. The candidate should have a solid understanding of operating system and networking security, IT system policies, and Security Assessments and Authorizations (SA&A) and knowledge with supporting Defense department customers with securing and maintaining cloud based solutions. The candidate will contribute to system design, capacity planning, operations and maintenance, implementation and sustainment activities across development, staging and production environments and work closely with operations, engineering and Program Managers to ensure proper and timely service delivery of customer's solutions and services. #CJPOST

Additional responsibilities include:

* Maintain eMass accreditation package with continuous monitoring and annual assessments
* Support operational threat analysis based upon log correlation tools
* Support contingency and incident response activities
* Develop monthly and quarterly reports based upon system, vulnerability and network monitoring and alerting capabilities
* Develop risk management framework information assurance documentation
* Recommend improvements; maintain/monitor production and non-production systems to ensure infrastructure performs at maximum efficiency
* Write knowledge base documents to improve operations, SOP and contribute to the overall IT organization

Required Skills

* Ability to apply knowledge of vulnerability management, risk management assessment, and IA policy and procedures to develop, implement, and maintain a secure cloud environment
* Ability to gather customer requirements and translate those requirements into short and long term strategies for support
* Ability to manage time and respond to shifting priorities and tasks
* Ability to work well under pressure and to meet tight deadlines
* High level of motivation, confidence, integrity and responsibility
* Strong analytical and critical thinking skills.
* Strong written and verbal communication skills; ability to present analysis and conclusions with clarity and professionalism with all levels of management
* Proficiency with MS Word, MS Excel, MS PowerPoint and MS Visio
* Recognized security certification for IAM and IAT III required: CISSP

Required Experience

* Must possess 5-7 years cyber security, information security and information assurance experience
* Must possess 3-5 years of experience with RMF and compliance activities (DoD RMF, DIACAP, FISMA, FedRAMP, PCI DSS, HIPAA)
* Must possess 1-3 years of experience securing cloud based systems and solutions
* ISSO or ISSO-like experience is preferred but not required
* DoD active TS/Secret/SSBI Clearance required
* 4 year degree required, or 2 year additional years of experience can be substituted in lieu of degree