Cloud Cyber Security Technical Specialist (Secret Clearance)

Cloud Cyber Security Technical Specialist
Aberdeen Proving Ground - Onsite
Secret clearance is required to start
Must hold a DoD 8570 IAT Level III certification such as CISSP, CASP+ CE, or CISA.
Must hold a Microsoft Certified Azure Administrator Associate (AZ104) certification or higher.

Qualifications:

• 3+ years experience cyber security and information assurance.

• Bachelor's degree in a related field.

• Must hold a DoD 8570 IAT Level III certification such as CISSP, CASP+ CE, or CISA.

• Must hold a Microsoft Certified Azure Administrator Associate (AZ104) certification or higher.

• Proficient with cyber security/IT tools such as ACAS, HBSS/ESS, and eMASS.

• Familiar with DISA Security Technical Implementation Guides (STIGs).

• Knowledge and understanding of NIST 800 series framework, including the Risk Management Framework Process.

• Experience in information security, including technical assessment of IT security controls and devices for networks, applications, and systems, particularly cloud-based applications and services in Microsoft Azure.

• Experience performing IT audit, IT compliance, enterprise risk management, creating/updating/implementing policy, security scanning, providing security-related technical guidance, and hardening devices.

• Able to act as a subject matter expert in evaluating technical risks, understanding how changes in system configuration and/or network architecture affect a system's security posture and risk profile, and evaluating and applying technical cybersecurity measures of IT systems and networks at the enclave level.

• Experience implementing cyber security controls and countermeasures in cloud environments, specifically Microsoft Azure.

Major Duties & Responsibilities:

• Ensure the security of Azure cloud-based applications by performing scan and patch management, cyber security planning and policy management, cyber auditing, configuration management, Risk Management Framework (RMF) Authorization Management, and DevSecOps.

• Support the ISSM-O in the creation and maintenance of all required policies, procedures, diagrams, hardware/software listings, and all other necessary artifacts required to obtain and maintain the ATO.

• Support cyber security tasks including: scan and patch management; planning and policy management; auditing; configuration management; RMF Authorization Management; DevSecOps; incident response; vulnerability scanning; STIG compliance checking; HBSS/Endpoint Security Solution; network access control; and POA&M creation.

#M2