Jr. Cloud Information Security Officer

Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte's Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career.

Work you'll do

• Perform System Assessment and Authorization for CDC systems including developing ATO and supporting documentation (System Security Plans, HW/SW lists, etc.)
• Validate security controls and continuous monitoring for applications, platforms, environments including AWS, Azure, and SaaS environments
• Track and report on vulnerabilities, remediations, POA&Ms, resolutions
• Collaborate with Application, DevSecOps, Cloud teams on automating compliance and reporting including the use of OSCAL
• Provide guidance on security policies including Zero Trust Federal Information Security Certification and Accreditation (C&A), Continuous Monitoring, and Risk Management Framework, FISMA, Risk Management Framework (RMF), FedRAMP, NIST Publications (37, 53, 53A, 30, 60, 18), FIPS 199&200, Cyber Security Assessment Management (CSAM) Tool, Business Implant Analysis, System Security Plan, Configuration Management Plan, Incident Response Plan, Contingency Plan

The team

Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology and outcomes-is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise

At Deloitte, we believe cyber is about starting things-not stopping them-and enabling the freedom to create a more secure future. Cyber Infrastructure is focused on rethinking how security is integrated across modernized infrastructure as cyber threats become more complex. If you're seeking a career implementing, architecting, and-in select cases-handling next generation controls to manage security risks and exposure, then the Cyber Infrastructure team at Deloitte is for you.

Qualifications

Required:

• 2 years of experience developing SA&A / ATO documentation including SSPs, HW/SW lists, Architecture diagrams, dataflow diagrams, etc.
• 2 years of experience validating security controls on applications, systems, networks, platforms, environments including on-premise and cloud
• 2 years of experience tracking vulnerabilities and POA&Ms and developing reports to support compliance audits
• Ability to collaborate with others in gathering information to complete documentation, resolve POA&Ms, and validate security controls
• Strong critical thinking skills
• Familiarity with Federal zero trust requirements and other relevant compliance frameworks such as FedRAMP
• Bachelor's degree required
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
• Must be able to obtain and maintain the required clearance for this role

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $65,000-$97,000.

Preferred:

• Familiarity with OSCAL