Address
Form of workJob Description
Clearance Level: Top Secret/SCI with Full Scope Polygraph
Skill Level(s): Subject Matter Expert
• manage security assessment, security compliance, change management, and continuous monitoring activities across five cloud service providers through the Organization’s office.
• assess cloud security technologies for security gaps and weaknesses according to industry standards.
• analyze security scan findings and perform risk analysis on security scan findings.
• review cloud security body of evidence packages for completeness and accuracy.
• collaborate with other internal components and security peers to determine security and potential weaknesses of cloud infrastructure and cloud services.
• advise Organization leadership on cloud security services.
• analyze system alerts to determine if a security weakness exists and document risk mitigation procedures.
• sustain and evolve the Organization’s standard operating procedures to meet Program Objectives.
• facilitate technical exchange meetings (TEMs) with cloud service providers to review cloud service architectures.
Required Skills
Clearance Level: Top Secret/SCI with Full Scope Polygraph
Skill Level(s): Subject Matter Expert
The Candidate shall possess and provide the following required skills and demonstrated experience:
• facilitating Technical Exchange Meeting (TEM) with cloud service providers to review cloud service architectures.
• maintaining assessment and authorization packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements.
• designing, implementing, assessing or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, IBM Cloud, or Microsoft Azure cloud architecture.
• utilizing or reviewing cross domain technology and common architecture designs.
• consulting project teams on system architecture and security posture.
• continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid 7, Nessus or Qualys.
• creating, monitoring, or closing system or service Plans Actions and Milestone items (POA&Ms).
• utilizing compliance tools to track assessment and authorization activities such as Xacta 360, Service Now, or RSA Archer.
• common control provider concept within the NIST Risk Management Framework.
• security control assessments (SCAs) to include working with SCAs and preparing security packages for SCAs.
Highly Desired Skills
Other skills and demonstrated experiences that are highly desired but not mandatory to perform the work, include:
• using the Organization’s or similar element assessment and authorizing process.
• creating or reviewing A&A body of evidence documentation in a cloud security environment.
• identifying, implementing, or reviewing appropriate information security controls.
• working in Xacta 360.
Employment Type: Full Time
Workplace Type: On-Site
TRAVEL
Temporary Duty Travel is anticipated for this Position:
• Local
• Within the Continental United States (CONUS)
WHY PENDULUM
At Pendulum, we set an industry standard of doing right by our people so we can do right by our clients. We generously offer:
• 11% 401(k) Matching Contribution
• 5 weeks of Paid Leave
• Health Insurance: Medical, Dental, & Vision
• Generous Training Budget
• Employee Referral Bonus
• Business Development / Growth Incentives
• Opportunities for Paid Training/Certifications and Education
Application Deadline Date: 2/9/2024
Ref#: 2238-04
Please be aware that all of our current positions require an Active U.S Top Secret/SCI Security Clearance with an Active Full Scope Polygraph which requires U.S citizenship.
Pendulum is an Equal Opportunity Employer. Pendulum is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, characteristic or membership in any other group protected by federal, state or local laws.
By submitting your resume for this position, you understand and agree that Pendulum may share your resume, as well as any other related personal information or documentation you provide in your application, with its affiliated companies for the purpose of considering you for other available positions.
Pendulum maintains a drug-free workplace and may perform pre-employment substance abuse testing, where required by contract and permitted by law.
Powered by JazzHR
hMvT4ntDYl
