What are the responsibilities and job description for the System Authorization Support position at SiloSmashers?
Summary of Position
SiloSmashers is looking for a Cybersecurity SME to prepare the security authorization package documenting the issues, findings, and recommendations from the SCA. The individual will provide all documentation developed to support assessment, artifact collection, findings, analysis, conclusions, management recommendations, and reports.
Principle Duties and Responsibilities
- - Support the development of test procedures, Risk Assessment Report (RAR), Security Assessment Report (SAR), and Plan of Action and Milestone (POA&M) report which details the security activities conducted, risk analysis performed, recommendations, issues, concerns and/or input for the documentation and technical assessment
- - Review security documents for consistency providing assurance that the level of risk and risk acceptance are commensurate with the control that are implemented or should be implemented on the system.
- - Support the development of a summary of findings report (POA&M list) based on the recommendations of the security assessment report
- - Work with the authorizing official and/or system owner to document a detailed remediation plan for findings from the security assessment report
- - Ensure security control descriptions and stated residual risks are comprehensive and understood by stakeholders
Required Skills, Knowledge and Experience
- - BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.
- - 8 years of security control assessment experience
- - 5 years of experience with FedRamp systems (Azure, AWS, GCP)
- - Effective written and oral communication skills.
- - Previous Federal Government experience is a plus.
Security Clearance
- Minimum Secret
Work Location
- 100% remote with occasional on-site visits as needed
