Mid-Level Cybersecurity Risk Consultant

Herndon, VA

Applications have closed

Dark Wolf Solutions

Dark Wolf Solutions operates at the nexus of mission and technology to meet our Nation's most challenging missions. We combine the most innovative emerging technologies with...

Dark Wolf Solutions is looking for a Mid-Level Cybersecurity Risk Consultant who will collaborate with internal teams to drive client accreditation needs and act in a support role to strengthen cybersecurity controls and align practices with the NIST SP 800-37 Rev. 2 Risk Management Framework. The candidate should have a strong foundational understanding of RMF and be able to perform the following tasks with minimal supervision:

  • Conduct interviews and engage in hands-on work to understand and improve client cybersecurity processes, technologies, and configurations.
  • Create artifacts to support accreditation decisions, including System Categorizations, System Security Plans (SSPs), Control Matrices, Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).
  • Develop, review, and critique assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD, ICD, CNSS, and NIST special publications.
  • Develop and implement Policies, Procedures, and Standard Operating Guides.
  • Work as part of a larger Cybersecurity Team and potentially support multiple programs at one time.
  • Research security standards/tools; review or conduct system security and vulnerability assessments of cloud and on-prem environments in a fast-paced, demanding environment.
  • Support development and implementation of innovative methods to achieve compliance with government and commercial cybersecurity frameworks.
  • Demonstrate familiarity with Assured Compliance Assessment Solution (ACAS) scans and Security Technical Implementation Guides (STIGs), and be able to communicate risks and issues to Authorizing Officials and stakeholders.

Required Qualifications:

  • A bachelor’s degree in information security or related discipline.
  • 3+ years of experience in consulting, information security, or a related field that includes demonstrated experience with NIST 800-37 rev2, NIST 800-53 rev4, NIST 800-53a rev4.
  • Advanced writing skills: able to clearly articulate ideas for executive-level consumption.
  • Advanced problem-solving skills: able to use prior experience and knowledge to address new situations, especially during interactions with clients.
  • Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions.

Desired Qualifications:

  • The following certifications are desired: Security+, CISSP, CISM, CISA, CRISC.
  • Recent experience with cybersecurity and information assurance accreditation processes for DoD or IC.
  • Knowledge of or experience with NIST 800-171 rev2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
  • Understanding of FedRAMP accreditation requirements and deliverables.
  • Cloud experience with Google, Azure, or AWS is a plus.

 

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Region: North America
Country: United States