Cloud Cybersecurity Compliance Engineer
Rockville, MD, United States
Applications have closed
Ashburn Consulting
Ashburn Consulting LLC provides IT support and cyber security services for technology infrastructure, to enhance cyber security, provide data center/cloud solutions and ensure smooth operations.
Company Description
Ashburn Consulting, a Small Business based in the Washington, DC metropolitan area, specializes in providing network and network security solutions in complex environments to a select set of government and business clients. The company, an established leader in its field, is composed of an elite team of engineers and business consultants, each of whom is recognized, and highly regarded, within the network and security communities.
Job Description
The primary focus of the Cloud Cybersecurity Compliance Engineer will be to identify and prioritize cloud-related risks enterprise-wide, executing comprehensive risk assessments and control gap analyses in line with established information security policies and widely recognized risk management frameworks applicable to a range of public cloud environments.
The Cloud Cybersecurity Compliance Engineer will be responsible for conducting thorough reviews of legal contracts and agreements relevant to cloud services, including service level agreements (SLAs), data processing agreements (DPAs), and vendor contracts. This involves interpreting complex legal language and terms to ensure compliance with information security and privacy requirements, identifying potential risks or areas of non-compliance, and articulating these findings in a clear, comprehensible manner to business units and legal counsel. The contractor will liaise closely with attorneys and business stakeholders to provide actionable insights, ensuring that contractual obligations align with governance, risk, and compliance frameworks and standards.
The Cloud Cybersecurity Compliance Engineer will play a lead role on the Governance, Risk, Compliance team having responsibility for the following:
• Designing, implementing, and continuously improving the cloud information security/privacy compliance program based on applicable policies, local/state/federal laws/regulations and adopted risk management frameworks.
• Designing, implementing, and leading cloud-based risk assessments and control gap analysis procedures, activities, documents, and communication plans.
• Leveraging NIST 800-53/FedRAMP assessment experience and technical and program management skills to lead, plan, track, collaborate and report on the cloud governance, risk, compliance program deliverables, including scheduling/leading meetings, assigning/tracking action items, and developing status reports.
• Performing cross functional interviews with business, technical and information security partners to determine if information security/privacy controls are implemented correctly, operating as intended, and producing the desired results.
• Communicating program controls, measurements, metrics, and assessment results confidentially, professionally, and effectively, in both written and verbal formats, with business, technical, and third-party stakeholders.
Qualifications
• 5+ years' experience applying governance, risk, compliance (GRC) principles to public cloud ecosystems such as AWS (Amazon), Azure (Microsoft) and/or Google
• 5+ years' experience designing/implementing cloud-based information security/privacy policies mapped to industry standards and regulatory frameworks (e.g., NIST 800-53, FedRAMP, PCI, HIPAA etc.)
• Designing, implementing, and performing cloud-based risk assessments and control gap analysis; identifying, analyzing, and evaluating cloud security/privacy risks through analysis of vendor-provided SOC2 and other cloud security control documentation.
• Proven ability to communicate confidentially, professionally, and effectively, in both written and verbal formats, with business, technical, and third-party stakeholders.
• Developing, monitoring, gathering, and analyzing information security and compliance metrics for management for the cloud environment.
• Must pass a background investigation.
Additional Information
All of your information will be kept confidential according to EEO guidelines. Equal Opportunity Employer/Veterans/Disabled. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status.
Ashburn Consulting is an Equal Opportunity Affirmative Action Employer.
In compliance with the Americans with Disabilities Act Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with Ashburn Consulting, please e-mail hr@ashburnconsulting.com.
Tags: AWS Azure Cloud Compliance FedRAMP Governance HIPAA Monitoring Network security NIST NIST 800-53 Privacy Risk assessment Risk management SLAs SOC 2