Excentium, Inc. is a Service-Disabled Veteran-owned small business that provides Cyber Security Engineering, Information Assurance (IA), management, Certification and Accreditation (C&A), and other IT services to government and commercial organizations.
We have an opportunity for a FedRAMP Senior Assessor supporting our Cybersecurity Compliance Team in the Washington DC Metro Area and remote locations.
MINIMUM CLEARANCE LEVEL: Secret Eligibility
CITIZENSHIP: US Citizenship
LOCATION: Washington DC Metro Area and Remote locations
Job Description:
Excentium is seeking a FedRAMP Sr. Assessor who brings deep knowledge of client engagement and practice management. Using your strong experience with FISMA and FedRAMP and your familiarity with the NIST Risk Management Framework (RMF), you will support and lead teams that assess cloud computing technologies for federal compliance. We have eliminated time reporting, chargeability goals, and sales pressure. You will lead engagements through the management of standard project execution, client service activities, and staff consultants. In addition to mentoring junior-level staff, you will have the opportunity to provide input on methodology development, technical assessment strategy, and engagement planning for Excentium service offerings as a technical SME.
Responsibilities:
Lead assessments from initiation to project closure
Monitor the progress of engagements and key project activity dates
Drive working sessions with clients to ensure expectations and direction are aligned and timelines are being met
Execute security assessments in accordance with NIST SP 800-53, 800-37, 800-171, and other authoritative IT security guidance
Develop Security Authorization Packages and ensure completeness and compliance with FedRAMP requirements and other authoritative IT security guidance.
Required Experience/Skills:
Minimum 3 years of experience in information security, with strong NIST experience (in order of preference): NIST SP 800-53, FedRAMP, RMF, FISMA, NIST SP 800-171
Demonstrated knowledge of NIST publications, such as: NIST SP 800-30 rev 1, 800-37 rev 1 or 2, 800-53 rev 4, 800-53A rev 4, 800-60 Vol 1 & 2 rev 1, and 800-171 rev 1
Experience with government compliance, including FISMA, FedRAMP, RMF, and CSF
Experience with commercial cloud environments: architectures, technologies, and services
Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
Ability to lead multiple assessment engagements and train junior staff
Excellent communication skills to include the ability to explain technical matters to a non-technical audience
Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle
Required Education:
BS/BA in Management Information Systems, Information Security, Computer Science, or relevant discipline; or combination of relevant education and work experience
Certified Information Systems Security Professional (CISSP) Required
Hold at least one of the following active credentials:
CompTIA Advanced Security Practitioner (CASP+ CE)
GIAC Certified Enterprise Defender (GCED)
GIAC Certified Incident Handler (GCIH)
GIAC Security Leadership (GSLC)
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Cloud Security Professional (CCSP)
CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP)
CISSP-Information Systems Security Engineering Professional (CISSP-ISSEP)
CISSP-Information Systems Security Management Professional (CISSP-ISSMP)
CyberSec First Responder (CFR)
Certified Chief Information Security Officer (CCISO)
At least one vendor-specific cloud-related technology certification (such as AWS, MS Azure, Google Cloud, Cisco Cloud, VMWare, etc.) is preferred
Registered with the FedRAMP PMO (Desired)
PMP is a plus
We take pride in building a workforce with a strong Veterans focus.
Excentium offers a competitive salary and comprehensive benefits package, including medical, dental, life, disability, 401k, and paid time off.