Zachary Piper Solutions is seeking a Sr FedRAMP Security Controls Assessor for a remote position based in Reston, Virginia area. The role involves leading Security Controls Assessments and Continuous Monitoring activities within cloud-based environments for various federal agencies.

Responsibilities:

• Conduct 3PAO assessments for clients and stakeholders following NIST SP 800-53A, FedRAMP, and DoD guidelines.
• Deliver detailed reports and recommendations to clients on controls implementation.
• Develop Authorization & Accreditation (A&A) documentation to meet project scope requirements for FedRAMP and DoD DISA assessments.
• Manage client interactions

Qualifications:

• Minimum 7 years of professional experience, with at least 4 years in FedRAMP 3PAO and DISA security controls/environments.
• Familiarity with FedRAMP Framework and DoD Impact levels IL4, IL5, and IL6.
  • Preference to someone who's gone through a full life cycle security control assessment and gotten an impact level 4, 5, or 6.
• Previous experience in FedRAMP 3PAO and understanding of Cloud environment services.
• ability to lead a small team of Jr- mid level accessors
• strong interpersonal and communication skills: client facing experience or strong soft skills/ communication skills
• Bachelor's degree in an IT-related field required.
• Certifications: CISSP and one of the following: CASP, GCED, GCIH, GSLC, CISA, CISM, CFR, or CCISO.
• Must be a US Citizen
• Clearance Requirement: Active Top Secret clearance.

Compensation:

• Salary: $130,000-$170,000 flexibility depending on experience
• Benefits: Full health, vision, dental, 401K options, and generous PTO.
• Location: Candidate must be local to the DMV but working remotely. Some travel required onsite depending on the project/ client

Keywords: cybersecurity, assessments, technical testing, cyber engineering, cloud and technology provider, Senior FedRAMP Assessor, Top Secret Clearance, facilitate, facilitates, Security Control Assessments, SCAs, Continuous Monitoring Activities, cloud-based environments, FedRAMP team, understand, understands, understood, understanding, security-related system controls, testing methods, technical sections, provide, provides, provided, providing, client-ready deliverables, FedRAMP, some travel, Senior Assessor, created, creating, creator, creates, create, modify, modified, modifying, modified, modifies, review, reviews, reviewed, reviewing, Assessment & Authorization, A&A, FedRAMP, DoD DISA assessments, develops, developed, developing, Develop, Security Authorization Packages, compliant, DOD requirements, conducts, conducted, conducting, Conduct, Third-Party Assessment Organization, 3PAO, self-Quality Assurance, QA, executes, executed, executing, Execute, examine, examines, examined, examined, interview, interviews, interviewed, interviewing, tests, tested, testing, test, NIST SP 800-53A, FedRAMP, Ensure, ensures, ensured, ensuring, cybersecurity policies, adhere, adheres, adhered, Validate, validates, validated, validating, system security plans, policies, procedures, ensures, ensured, ensuring, ensure, NIST control requirements, implemented, implement, implements, implementing, Author, assessment statements, results, detail, controls, implemented, Authors, recommendations, recommend, recommends, recommended, security posture, NIST, FedRAMP & DoD DISA ,security control requirements, frameworks, RMF assessment, risk management framework, authorization processes, 10 FedRAMP assessments, apply, applies, applied, applying, impact levels, IL4, IL5, IL6, FedRAMP 3PAO, Cloud environment services, operating systems, networking components, databases, access controls, auditing, boundary protection, cryptography, IT security technologies, network, application security, firewalls, access management, data protection, Bachelor's degree, U.S. Citizen, active Top Secret Clearance, Senior FedRAMP Assessor, CISSP, CASP, GCED, GCIH, GSLC, CISA, CISM, CFR, CCISO, NIST Special Publications, 800-37 Revision 1, 800-53, Revision 4 5, DoD DISA, networking components, operating systems, cloud environment, UNIX, Microsoft, FedRAMP Framework, DoD Impact levels, IL4, IL5, IL6, paid parental leave, flexible time off, certification, training reimbursement, digital mental health, wellbeing support memberships, comprehensive insurance options