stackArmor is fast-growing Cloud security, compliance, and ATO acceleration solutions provider headquartered in Washington DC. As a member of the stackArmor ATO Acceleration team, you will deliver FedRAMP, FISMA, and CMMC compliance solutions. Your work will revolve around the delivery of FedRAMP, RMF, and CMMC Documentation artifacts including policies, procedures, plans, and strategic advisory services.
- Providing FedRAMP, FISMA, CMMC compliance advisory for clients on how to achieve cloud security requirements as part of migrations, greenfield builds, and/or existing environments.
- Performing maturity gap assessments against client cloud and container environments,
- Developing FedRAMP, FISMA, and CMMC compliant documentation packages in support of an assessment and ATO.
- Engaging with clients by leading discovery workshops through well-defined presentation materials with strong written and verbal communication skills.
- Advise strategies, tactics, and approaches for applying FedRAMP, FISMA, and CMMC security frameworks for Cloud, container, and serverless environments on platforms like Amazon Web Services, Azure, and VMWare amongst others.
As a Senior Consultant on the team, your specific responsibilities in contributing to these deliveries will consist of the following:
- Lead system security consultation within cloud-based environments in accordance with NIST SP 800-53, 800-37, OMB, and other authoritative IT security guidance
- Develop System Security Plans, Configuration Management, IT Contingency, and Incident Response Plans in accordance with NIST requirements
- Prepare, review, and/or update, and maintain IT Security supporting artifacts
- Provide IT security guidance to Information System Owners
- Identify information security problems and challenges, research and develop technical solutions to meet control objectives
- Support management of client satisfaction at all phases of the client relationship.
- Ensure continuous professional development in maintaining industry-specific certifications, building and maintaining a strong depth of knowledge in the practice area.
- Collaborate with Project Managers, Sales, and other Delivery team members to drive customer satisfaction and meet project deliverables.
Expected Work Experience
- Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
- Five to ten (5-10) years of experience as a consultant within professional IT services
- Deep experience with government compliance, including FISMA, FedRAMP, and DoD CC SRG
- Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
- Experience with every step within the delivery of Assessment and Accreditation (A&A) phases and deliverables that have obtained and maintained full authorization to operate (ATO)
- Experience with virtualization or cloud technologies
- Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
- Security-focused industry certifications such as a CAP, CCSK, CISA, CISM, CISSP, CCSP, CRISC, CCISO, or Amazon Web Services (AWS)/Google Cloud Platform (GCP)/Microsoft Azure specific certifications
- Knowledge of information security-related solutions, tools, and utilities
- Excellent verbal and written skills
- Willing to travel up to 25%
- Must be a U.S. Citizen and eligible for a secret clearance
- Strong written and verbal communication skills including the ability to explain technical matters to non-technical audiences
- Understanding of AWS and other cloud technologies
- Strong NIST experience with Special Publications (SP) 800-37, 800-53, 800-171
- Experience with the FedRAMP and RMF assessment and authorization processes
- Ability to independently lead small, less complex system assessments
- Ability to assist team members with proper artifact collection and detail to client’s examples of artifacts to satisfy assessment requirements
- Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, CGEIT, or CAP
- Cloud-based experience AWS, Azure, VMWare, Splunk, Palo Alto, Cisco ASA, etc.
Job Type: Full-time
- Dental insurance
- Health insurance
- Paid time off
- Professional development assistance
- Vision insurance
- 8 hour shift
- Bonus pay