Icon hamburger
US
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply on company site
Thumsup

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.
Default1

Security Cloud Assessor

General Dynamics Information Technology Annapolis Junction Full-Time
Apply on company site

We are looking for a Cloud Security Control Assessor (SCA) to work in our Annapolis Junction, MD office.

Essential Job Functions:

  • Develop processes and procedures to document the execution of the analysis and assessments of Cloud Service Providers (CSP) packages
  • Analyze and conduct assessments of packages
  • Support the development of the DoD Cloud Security Guidelines, associated checklists, templates, and documents
    • This may include development of requirements, instructions, how-to guides and other guidance for internal assessors on how CSP assessments will be conducted, DoD Components, cloud service providers, and third-party assessors regarding the assessment, deployment and use of secure cloud computing in the DoD
  • Conduct Cloud Services Security Assessments and information assurance reviews, as directed, in support of the FedRAMP and DoD Provisional Authorization processes while following the process guidance and procedures as outlined and provided
    • Typically this requires review of Cloud Services documentation packages consisting of key documents such as the System Security Plan, Security Assessment Plan, Security Assessment Report and associated Plans of Action and Milestones
    • For each certification assessment, prepare a certifier's recommendation, statement of residual risk, scorecard, and certification assessment briefing slides
  • Perform Continuous Monitoring and Annual Reviews of CSPs to include recommendations and written reports
    • This involves a review and analysis of Deviation Requests, Monthly One Pagers (description of the Cyber status of a Cloud Service Offering (CSO) for that month), Annual Assessments (AA), Playbooks Change Requests (CR’s), reviewing of the scan data, POA&Ms, and other changes to evaluate a CSP’s ongoing risk posture change
  • Support the development of the DoD Cloud Security Guidelines, associated checklists, templates, and documents
    • This may include development of requirements, instructions, how-to guides and other guidance for internal assessors on how CSP assessments will be conducted, DoD Components, cloud service providers, and third-party assessors regarding the assessment, deployment and use of secure cloud computing in the DoD

Required Qualifications:

  • Active DoD Secret clearance
  • Current IAM Level III certification (CISSP or Associate, CISM, or GSLC)
  • Bachelors Degree or equivilant work experience
  • 8+ years hands-on experience in the analysis and assessments of Cloud packages
  • Familiarity with Risk Management Framework (RMF)
  • Working knowledge of NIST SP800-60 Vol I and II
  • Familiarity with DISA and/or DoD processeses and regulations in general

Desired Qualifications:

  • Active Top Secret clearance
  • In-depth working knowledge of EMASS and RMF

#GDITpriority

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
 

Recommended skills

Certified Information Security Manager
Continuous Monitoring
Certified Information Systems Security Professional
Information Assurance
Reports
Templates
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: RQ36781

CAREERBUILDER TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.