The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solution and the integrity of our people. Explore what you can bring to our solutions in information assurance, secure networks, secure enterprise messaging, and identity management.
Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!
This position will be based at a customer site in Tysons, VA with telework/remote options.
In this role, you will liaise between project management and engineering teams to identify and address compliance gaps for FedRAMP. You will develop and maintain a FedRAMP project plan and translate security requirements into actionable tasks. Your prior experience successfully moving other cloud services through the FedRAMP process will be instrumental to our combined success.
In performing this role, you will be required to:
- Develop and maintain the FedRAMP authorization project plan, timelines, and milestones to successfully move a client’s cloud services through the FedRAMP process.
- Plan, execute, and document comprehensive security control audits in accordance with NIST 800-53 and other relevant frameworks.
- Serve as the subject matter expert for compliance requirements, performing tasks such as:
- Translate compliance requirements into actionable items for engineering teams.
- Provide technical guidance and lead discussions with stakeholders and team leads on compliance requirements to facilitate necessary product updates and changes.
- Review and update items such as the boundary diagrams, data flows, and interconnections, then offer any updates or revisions as needed to meet compliance requirements.
- Validate the effectiveness of security controls through testing, interviews, and examination of evidence.
- Identify security gaps and vulnerabilities and provide actionable recommendations for remediation.
- Prepare detailed audit reports highlighting findings, risks, and recommended corrective actions.
- Coordinate with third-party assessment organizations (3PAO).
- Develop and maintain risk registers and risk treatment plans.
- Stay abreast of evolving security threats, vulnerabilities, and industry best practices.
- Recommend and implement improvements to security controls, processes, and procedures.
- Contribute to the development and maintenance of security policies, standards, and guidelines.