CyberSecurity Risk Management Specialist (Top Secret Clearance Required)
Washington, DC, United States
Intevity
We are a digitally-focused management consultancy driving business and digital transformations through a focus on organization, experience, and execution.Company Description
Founded in 2003, Intevity (previously Twin Technologies) is a full-service boutique digital consultancy that develops solutions and technology to drive growth, transform businesses, and make a real impact on people’s lives.
Based in Boston, MA with remote offices and employees throughout the eastern and central US (Baltimore, Chicago, D.C., New York). Intevity focuses on both Commercial and Public Sector clients, with deep expertise in retail, software, and government. Intevity has key vendor partnerships with Adobe, AWS, and Salesforce.
We work on all phases of projects, from early discovery and design to strategy to execution. We are known for our vulnerability-based culture, high levels of craftsmanship, innovation, and trust; being able to truly connect with the needs and spot the real reasons why an organization is being held back from achieving their goals.
Job Description
As our CyberSecurity Risk Management Specialist, you will consistently challenge team members to proactively and collectively architect secure IaaS and PaaS solutions within multiple Cloud Service Provider's (CSP). Candidates should have effective task management skills and the ability to communicate effectively. They will be required to prepare, categorize, implement, assess, and monitor systems within accordance to NIST SP 800-53 and DISA CC SRG standards.
Major Duties & Responsibilities
Subject Matter Expert (SME) in data entry and processes for eMASS, SNAP, PPSM, STIG viewer, etc
Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide Product Owners through key processes for submitting IATT, ATO, and ATO-C packages
Support the evaluation of security controls against the IaaS and PaaS offerings provided
Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process
Conduct cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, DISA CC SRG, FISMA, and FIPS 199 and 200)
Qualifications
- Currently holds TS clearance
- 90% Remote (with a home office in the Arlington, VA area)
Experience with Azure and/or cloud solutions in general (AWS, GCP)
Subject matter expertise in conducting security risk assessments for on-prem, hybrid cloud, and cloud systems
Highly proficient in knowledge of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
Experienced with vulnerability scanning and penetration testing tools and technologies such as ACAS, HBSS, Tenable.IO, Harbor, Windows Defender, PRISMA, Qualys, etc
Familiar with Cloud based security monitoring tools such as Windows Defender, New Relic, AWS CloudWatch, PRISMA, SolarWinds, Prometheus, etc
Profound ability to collaborate well with internal and external stakeholders
Strong MS Office skills along with strong verbal and written communication skills
Desired Qualifications:
Prior software development experience is ideal, but not necessary
Understanding basic core fundamentals of DevOps and DevSecOps is a plus
At least one security certification is strongly preferred, such as Certified Information SecurityManagement (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
Prior experience in the management of technology infrastructure is preferred
Knowledge of the DoD is strongly preferred
Additional Information
Intevity offers a competitive and comprehensive employee compensation and benefits package that includes base salary, medical, dental, and vision insurance, long and short-term disability insurance, life insurance, 401k program with company match, and an open PTO plan.
Intevity is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, or protected veteran status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ACAS AWS Azure C CISM CISSP Clearance Clearance Required Cloud COBIT CRISC DevOps DevSecOps DISA DoD eMASS FISMA GCP Governance IaaS ITIL Monitoring NIST NIST 800-53 OWASP PaaS Pentesting Prometheus Qualys Risk analysis Risk assessment Risk management Security assessment Security Assessment Report Strategy System Security Plan Top Secret Top Secret Clearance Windows
Perks/benefits: 401(k) matching Competitive pay Health care Insurance Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs