What are the responsibilities and job description for the FedRamp Assessor - Secret Clearance / 3PAO position at Integrity Resources?
This role can cross multiple high-level responsibilities and will be a 6-9 month contract-to-hire position. No sponsorship is available at this time.
There is a STRONG preference for someone local to the Northern Virginia area due to the location of the supported customer.
FedRAMP Assessor Role
• Lead and develop Security Authorization Packages that are compliant with FedRAMP and DOD requirements under the supervision of senior staff members. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, Security Assessment Plans, and Security Assessment Reports.
• Lead and assist in the review and analysis of Security Authorization Packages for completeness and compliance with FedRAMP and DOD requirements.
• Facilitate and participate in client interviews to complete Security Authorization Packages and Security Assessments.
• Ensure existing systems' Security Authorization Packages remain up to date throughout the life cycle.
• Provide review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
EDUCATION/EXPERIENCE/SKILLS:
- 3 years of experience working as a FedRAMP Assessor in a 3PAO capacity
- Required: experience interviewing / testing Cloud Service Offerings (CSOs) – AWS, Azure, GCP, Hybrid Models (Cloud On-Prem)
- Strong understanding of NIST 800-53 controls
- CISSP preferred, but also looking for candidates with:
- CompTIA Advanced Security Practitioner (CASP+) Continuing Education (CE)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Leadership (GSLC)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)
- CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP)
- CISSP-Information Systems Security Engineering Professional (CISSP-ISSEP)
- CISSP-Information Systems Security Management Professional (CISSP-ISSMP)
- CyberSec First Responder (CFR)
- Certified Chief Information Security Officer (CCISO)
2) Bachelor’s Degree or relevant work experience.
3) Broad-based IT background with a technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle.
4) Excellent communication skills, both written and verbal, with strong presentation skills.
5) Ability to translate technical materials and issues into non-technical/layman terms.
6) Team player able to work well with others in a collaborative manner and is a self-starter who can work with minimum supervision.
12) Ability to lead interactions with clients and represent in a professional manner.
7) Ability to successfully manage multiple tasks.
8) Serve as mentor to Associate Security Consultants on best practices.
9) Ability to travel 25%.
10) Eligible to work in the U.S.
Continually seek to advance and update security and compliance knowledge.
Salary: $125,000 - $140,000