Cloud Isso Sme

We are looking for a Cloud ISSO SME with experience performing FISMA compliance for the federal government. The Information System Security Officer (ISSO) is responsible for Security Authorization activities in accordance with National Institute of Standards and Technology (NIST) 800 series. A successful candidate will manage tasks related to the planning and preparation for security documentation related to the system authorization process. The individual should have extensive knowledge of cloud environments and FedRAMP processes. The individual should have a strong background in NIST 800-37, Risk Management Framework and NIST 800-53 security controls.
This is a direct hire position with our client, requiring 1-2 days/week onsite at the federal customer's location in Camp Springs, MD.
Responsibilities Include:

• Develop and update the information system security documentation (e.g., Security Plan, Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, eAuthentication, Privacy Threshold Analysis, etc.)
• Ensure systems are appropriately patched and hardened.
• Coordinate the remediation of Plan of Action and Milestones (POA&M) with various groups.
• Facilitate and support the Ongoing Authorization Program.
• Effectively communicate technical information to non-technical personnel.
• Conduct ISSO responsibilities to include the approval of change request, review of audit logs, review of system accounts, and analysis of vulnerability scans.
• Develop waivers & exceptions for information system vulnerabilities.
• Work with clients to develop capabilities, briefings, and presentations.
• Provide security recommendations to the Risk Management Branch Chief.

Required Skills, Experience, and Qualifications:

• Must be a US Citizen able to obtain an agency-specific suitability / public trust clearance prior to starting.
• Must reside within a commutable distance to our client's location in Camp Springs, MD in order to work a hybrid onsite schedule (1-2 days /week onsite).
• Active CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable certification.
• Active AWS, Azure or Google Cloud Certification.
• Prior experience leading systems through the FedRAMP ATO process.
• Bachelor's degree in Information Systems / Information Technology, Computer Science, Computer Engineering, Electrical Engineering, related field, or 4 years of relevant experience.
• 7+ years of total work experience with 4+ years of technical experience working with databases, computers, storage, and networks on one or more of the following platforms: AWS, MS Azure, Google Cloud Platform, VMware, or Oracle Cloud Platform.
• Experience with:
  • Applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings.
  • Cloud engineering, management, maintenance, or architecting with Kubernetes or OpenShift, Ansible, and Terraform.
  • Working with core services, networking, security groups, or policy management in relation to Cloud resources across multiple operating systems.
  • Using Agile or DevOps methodologies for designing, developing, or delivering using appropriate automation techniques and tools.
  • Systems Administration in Linux/Unix (Ubuntu, CentOS, RedHat, Solaris, etc.).
  • Networking (TCP/IP, DNS).
  • Troubleshooting / Support for technical IT issues.
  • Performing risk analysis of FedRAMP tools and services.

• Extensive understanding of Cloud Computing technologies and migration challenges.
• Strong knowledge of best practice Cybersecurity and threat-based Cybersecurity frameworks and trends.
• Knowledge of security tools, security architecture, and NIST security standards and compliance measurements.
• Experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, and 800-137.
• Understanding of the NIST Supplemental guidance for Ongoing Authorization.
• Excellent oral and written communication skills for contact with customers via calls, chats, and email

Desired Skills, Experience, and Qualifications:

• Experience with container and serverless technologies (i.e.: AWS Lambda, Google Cloud Functions, Azure Functions etc.).
• Experience developing DevOps Methodologies by using orchestration tools (i.e.: Chef, Ansible, etc.).
• Engineering/architecture experience with systems in the cloud; specifically, AWS, Google, or Azure.
• Experience with Agile development practices.
• Ability to develop scripts or dashboards.
• Experience with CI/CD - Deployment pipeline experience (e.g., Jenkins, Ansible, Terraform).
• Experience with programming languages (e.g., Python, Java).
• Possess ability to provide security recommendations during the change management process.
• Extensive knowledge of Fortify, Twistlock, Nessus, DBProtect, and WebInspect vulnerability scanners.