Mid-Level Cybersecurity Risk Consultant
Herndon, VA
Applications have closed
Dark Wolf Solutions
The Alphaof technology Dark Wolf Solutions operates at the nexus of mission and technology to meet our Nation's most challenging missions. JOIN THE PACK Connect Our Background About Us We combine the most innovative emerging technologies with...Dark Wolf Solutions is looking for a Mid-Level Cybersecurity Risk Consultant who will collaborate with internal teams to drive client accreditation needs and act as a support piece to strengthen cybersecurity controls and align practices to meet NIST SP 800-37 Rev. 2 Risk Management Framework. The candidate should have a strong foundational understanding of RMF and be able to perform the following tasks with minimal supervision:
- Conduct interviews and engage in hands on work to understand and improve client cybersecurity processes, technologies, and configurations.
- Create artifacts to support making accreditation decisions to include System Categorizations, System Security Plans (SSPs), Control Matrices, Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&M)s.
- Develop, review, and critique assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD, ICD, CNSS, and NIST special publications.
- Develop and implement Policies, Procedures, and Standard Operating Guides.
- Work as part of a larger Cybersecurity Team and potentially support multiple programs at one time.
- Research security standards/tools; review or conduct system security and vulnerability assessments of cloud and on-prem environments in a fast-paced, demanding environment.
- Support development and implementation of innovative methods to achieve compliance with government and commercial cybersecurity frameworks.
- Demonstrate familiarity with Assured Compliance Assessment Solution (ACAS) scans and Security Technical Implementation Guides (STIGs); and be able to communicate risks and issues to Authorizing Officials and stakeholders.
Required Qualifications:
- A bachelor’s degree in information security or related discipline.
- 3+ years of experience in consulting, information security, or a related field that includes demonstrated experience with NIST 800-37 rev2, NIST 800-53 rev4, NIST 800-53a rev4.
- Advanced writing skills: able to clearly articulate ideas for executive level consumption.
- Advanced problem-solving skills: able to use prior experience and knowledge to address new situations, especially during interactions with clients.
- Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions.
Desired Qualifications:
- The following certifications are desired: Security +, CISSP, CISM, CISA, CRISC.
- Recent experience with cybersecurity and information assurance accreditation processes for DoD or IC.
- Knowledge/Experience with NIST 800-171 rev2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
- Understanding of FedRAMP accreditation requirements and deliverables.
- Cloud experience with Google, Azure, or AWS is a plus.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
Tags: AWS Azure CISA CISM CISSP Cloud CNSS Compliance CRISC DoD FedRAMP NIST Risk management Security assessment Security Assessment Report System Security Plan
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs