Cloud Security Assessor

It's fun to work in a company where people truly BELIEVE in what they're doing

We're committed to bringing passion and customer focus to the business.

****** Required DOD Secret or Top-Secret Clearance *******

SUMMARY

The Cloud Security Assessor / Information Assurance Analyst provides support to the agency. This position provides advanced technical expertise in conducting independent validation of assessments and continuous monitoring for authorized Cloud Service Providers Cloud Service

EDUCATION/EXPERIENCE

Bachelor's degree and a minimum of ten (10) years’ relevant Cyber Security Assessment and Cyber Security management experience, or equivalent combination of education / experience. Must have relevant consulting experience in information technology with specialized experience in an applicable functional area.

Five (5) years experience with DoD and FedRAMP Cloud Authorization on-going support to include continuous monitoring,

CERTIFICATES/LICENSES/REGISTRATION

Required DOD Top Secret Clearance, or Secret Clearance with TS Eligibility

Must have DOD 8570 IAM III Certification - CISSP, CISM,

ESSENTIAL DUTIES AND RESPONSIBILITIES

Essential duties and responsibilities include the following. Other duties may be assigned.

Performs analysis, conduct independent validation of assessments and continuous monitoring for authorized Cloud Service Providers Cloud Service Offerings. Develop processes and procedures to document the execution of the analysis and validations.

Reviews Cloud Service Provider documentation consisting of the System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), and associated POA&M. For each certification validation, a Cloud Security Assessment Package is prepared to include validated cybersecurity controls, certifier's recommendation, certifier’s statement of residual risk, certification assessment briefing slides, and a provisional authorization. If the validation is leading to a Joint Authorization Board (JAB) Provisional Authorization (PA), a one-page executive summary is also required. 

Performs DoD and FedRAMP Cloud Authorization on-going support to include continuous monitoring, annual reviews, and significant change requests of Cloud Service Providers through reviews, recommendations, written reports, and briefings. This task involves review and analysis of the following: Deviation Requests, Monthly One Pagers, Annual Assessments, Playbooks, Significant Change Requests, review of scan data, POA&Ms, and other changes to evaluate a CSP’s ongoing risk posture change.

Responsible for aiding in own self-development by being available and receptive to all training made available by the company.

Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.

Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and co-workers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions as the best of own ability.

Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.

COMPETENCIES

Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken.

COMPLIANCE

Promotes and encourages a culture of compliance with all applicable rules (federal, state, local, Federal Acquisition Regulations, Code of Federal Regulations, Prime Contract requirements, etc.) for themselves and the company as a whole. Fosters an environment in which they will report any violations or reasonably suspected violation of CNI policy, FAR, and/or CFR and are comfortable discussing the myriad compliance, conflict, FAR, CFR, etc. issues that arise during the performance of a government contract.

CERTIFICATES/LICENSES/REGISTRATION

Required DOD Top Secret Clearance, or Secret Clearance with TS Eligibility

Must have DOD 8570 IAM III Certification - CISSP, CISM,

JOB SPECIFIC KNOWLEDGE/SKILLS/ABILITIES

Expert knowledge of proven business and operations practices and strategies.

Proficient understanding of Restful APIs, JSON.

Proven ability to facilitate progressive organizational change / development within a growing organization.

Excellent organization and time management skills with ability to handle multiple priorities.

Exceptional analytical and problem-solving skills with ability to assess business requirements.

Exceptional leadership skills with ability to motivate, influence and lead others.

High level of proficiency in briefing managers and communicating recommendations regarding status of project operations.

Excellent verbal and written communications skills.

Superior customer service and relationship management skills.

Ability to effectively interact with management and staff at all levels within a multi-level organization.

Ability to proactively identify problems and effectively respond.

Ability to use discretion concerning highly sensitive and confidential data and information.

Proficient understanding of cross-browser compatibility issues and ways to work around them.

Experience with configuration management, version control, software packaging and deployment.

Ability to perform system analysis, design and development.

Ability to work well in a team as well as independently

Excellent oral and written communications skills.

LANGUAGE SKILLS

Ability to read, analyze and interpret common scientific and technical journals, financial reports and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies or members of the business community. Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups and/or boards of directors.

MATHEMATICAL SKILLS

Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry. Ability to apply concepts such as fractions, percentages, ratios and proportions to practical situations.

REASONING ABILITY

Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers printers and light traffic. 

EQUAL EMPLOYMENT OPPORTUNITY STATEMENT  

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.

CNI offers a comprehensive benefits package that includes:

Medical Dental Vision 401(k) STD/LTD/AD&D Employee Assistance Program (EAP) Paid Time Off (PTO) Training and Development Opportunities

#indcni

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us

---