Senior Cybersecurity Consultant

Job Description: 

As a member of the FedRAMP compliance and advisory team, your work will revolve around the delivery of FedRAMP, FISMA and CMMC advisory services and deliverables as it pertains to enterprise security architectures of cloud and containerized environments.

This includes:

• Providing enterprise-level advisory for clients on how to achieve cloud security requirements as part of migrations, greenfield builds, and/or existing environments.
• Performing maturity gap assessments against client cloud and container environments,

As a Senior Consultant on the team, your specific responsibilities in contributing to these deliveries will consist of the following:

• Delivery team support, including: identifying process improvements and training.
• Developing methodologies, templates, whitepapers, work instructions, guidelines, forms, tools, blogs
• Creating industry consistency and intellectual property for stackArmor products and services
• Client work, including:
• Directly working on client engagements, supporting delivery QA and subject matter expertise.
• Developing and delivering of whitepapers and custom webinars / presentations.
• Supporting management of client satisfaction at all phases of the client relationship.
• Continuous professional development in maintaining industry specific certifications, building and maintaining strong depth of knowledge in the practice area.

Expected Work Experience

• BS or above in related Information Technology field or equivalent combination of education and experience.
• Deep technical or consultative experience with IaaS, SaaS, and PaaS cloud service models;
• Project management experience for individual and team projects (ability to track detailed tasks and ensure timely delivery)
• Excellent communication, organizational, and critical thinking skills.
• Effective documentation skills, to include technical diagrams and written descriptions.
• Ability to work independently and as part of a team with professional attitude and demeanor.
• Critical thinking, and ability to balance security requirements with mission needs.
• Ability to work quickly, efficiently and accurately in a dynamic and fluid environment.
• Enthusiastic about emerging technology, actively participating in the technical community, including contribution to user groups, presentations, and marketing materials.

Education & Certifications

· Bachelor’s degree or an equivalent combination of education and experience with certifications

· 8-10 years of experience in either IT auditing or consulting

· 5-8 years of experience is acceptable with the right skill set and having dealt with many systems in a short time, e.g. worked in a Government or DoD Program Management Office

· Familiarity with frameworks such as FedRAMP, FISMA, SOC, ISO, HIPAA, HITRUST, PCI, etc.

· At least one of the following certifications, in order of preference: PMP, CISSP, CCSP, CISA, CISM, CRISC, CGEIT, or CAP

Required Qualifications

· Must be a U.S. Citizen and eligible for a secret clearance

· Development of NIST based policies, procedures and plans in support of accreditation packages

· Strong written and verbal communication skills including the ability to explain technical matters to non-technical audiences

· Understanding of AWS and other cloud technologies

· Strong NIST experience with the following Special Publications (SP)

• 800-37 Revision 2
• 800-53 Revision 4
• 800-53A Revision 2
• 800-171 Revision 2

· Experience with the FedRAMP and RMF assessment and authorization processes

· Ability to assist team members with proper artifact collection and detail to client’s examples of artifacts to satisfy assessment requirements

· Previous experience mentoring or managing consultants in a professional services organization

· Strong experience with Visio, GitLab, JIRA, Confluence, MS Project, Word, PowerPoint, and Excel.