What are the responsibilities and job description for the Cloud Security Professional position at Steampunk?
Overview
Steampunk is searching for someone join our team as a DHS FedRAMP JAB Cloud Security Professional to support our client with the evaluation of multiple cloud services, as well as providing executive advisory services on the recommended use of cloud services. The Cloud Security Specialist will be responsible for the participating in the analysis and evaluation of cloud services design, engineering practices, and architecture, and be a technical representative for the cloud security support team.
Contributions
- Participates on a team for providing expert analysis of cloud cybersecurity architecture, compliance with Federal regulation and policy, and commercial best practices relating to cloud security.
- Assist the Government in formalizing knowledge sharing within the cloud team.
- Review, analyze, discuss, and evaluate the implementation of security controls in multiple information system environments, including dynamic cloud services (IaaS, PaaS, and SaaS) or traditional and static Enterprise Resource Planning computing environment.
- Evaluate the performance of ongoing security maintenance, for example, continuous monitoring (ConMon) or continuous diagnostics and mitigation (CDM). Assess the ability of the service provider to maintain an acceptable security posture/ risk threshold on a monthly basis.
- Analyze risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and cyber protection (security architecture) requirements as they relate to the ongoing security risk posture of the system.
- Collaborate with the FedRAMP Review Team and Joint Authorization Board (JAB) Technical Representatives (TR) to build expert consensus regarding areas requiring process improvement and recommended solutions for identified areas requiring improvement.
- Develop information for decision briefs for senior leadership to use in making decisions on recommended solutions and areas requiring process improvement within the FedRAMP Program, process, and execution.
- Accountable for effectual partnerships with: Peer engineering teams to guarantee design, implementation and orchestration of complex, multi-product solutions for the cloud system.
- Provide leadership for the cloud architecture strategy and resolution of architectural issues.
- Establish strong relationships with key business and technology stakeholders and create convergence by demonstrating credibility, empathy and expertise on business and technical issues
Qualifications
- Associates Degree or Higher, or 5 years of experience, preferably in performing one of the following: risk assessments of cloud-based systems, designing and/or implementing network, security, virtualization or cloud system solutions.
- One of the following technical certifications:
Certifying
Entity
Certification
Certification
Abbreviation
Cisco
Cisco Certified Network Professional Security
CCNP Security
ASIS
Professional Certified Investigator
PCI
EC-Council
Computer Hacking Forensic Investigator
CHFI
FITSI
Federal IT Security Professional - Designer
FITSP-D
GIAC
Reverse Engineering Malware
GREM
GIAC
Secure Software Programmer
GSSP
GIAC
Certified Incident Handler
GCIH
GIAC
Penetration Tester
GPEN
GIAC
Critical Controls Certification
GCCC
GIAC
Exploit Researcher and Advanced Penetration Tester
GXPN
GIAC
Certified Forensic Analyst
GCFA
INCOSE
Expert Systems Engineering Professional
ESEP
GIAC
Continuous Monitoring Certification
GMON
GIAC
Certified Detection Analyst
GCDA
GIAC
Information Security Professional
GISP
GIAC
Network Forensic Analyst
GNFA
ISACA
Certified Information Systems Auditor
ISACA
ISACA
Certified Information Security Manager
CISM
ISACA
Certified in Risk and Information Systems Control
CRISC
ISC2
Certified Secure Software Lifecycle Professional
CSSLP
ISC2
Certified Cloud Security Professional
CCSP
ISC2
Certified Authorization Professional
CAP
ISC2
Certified Information Systems Security Professional
CISSP
ISC2
Information Systems Security Engineering Professional
ISSEP
ISC2
Certified Cyber Forensics Professional
CCFP
JNCIS-SEC
Juniper Networks Certified Internet Specialist Security
JNCIS-SEC
Microsoft
Microsoft Certified Solutions Expert
MCSE
VMWare
VMWare Certified Design Expert
VCDX
AWS
AWS Certified Solutions Architect – Associate
AWS-CSAA
AWS
AWS Certified SysOps Administrator – Associate
AWS
AWS Certified Security - Specialty
MS Azure
Microsoft Certified Solutions Associate
MCSA
MS Azure
MCSD: Azure Solutions Architect
MCSD
Professional Cloud Architect
- Must have knowledge of cloud solution principals and technologies.
- Extensive hands-on experience in cloud technologies, service oriented platforms, and hybrid solutions across locations.
- Experience with hybrid solutions mixing use of private data center and public cloud.
- Prefer hands on experience with major cloud providers such as Azure and/or AWS Cloud Offerings.
- Strong communication and technical writing skills necessary to prepare and conduct instruction, provide technical briefings and prepare technical reports and collaborate other with other team members.
About steampunk
Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.
