Cybersecurity Consultant, FedRAMP Assessments
First Information Technology Services, IT consulting
U.S. based, Full-Time, Middle
Salary: 110,000 - 140,000 USD per year
Job Details
- Experience: Minimum of 2 years of experience
- Required Skills: Python, GCP, Microsoft Azure, SaaS
Requirements
- Demonstrated ability to own and deliver complex security compliance assessment work with limited oversight
- Minimum of 2 years of experience conducting security assessments within FedRAMP, DISA IL4/IL5/IL6 environments, or other frameworks based on NIST SP 800-53
- Demonstrated experience interpreting security requirements, collecting and validating evidence, conducting stakeholder interviews, and documenting control assessments with audit-ready rigor
- Strong written and verbal communication skills, including the ability to translate security/compliance requirements for technical and non-technical audiences
- Must hold at least one of the following certifications: CCNA Security, CCNA Cyber Ops, CySA+, GCIH, GSNA, GCIA, CISA, CISSP or Associate, CSSLP, CISSO, CFR, CASP+ CE, Cloud+, GICSP, SCYBER, BCR Cyber Technical Proficiency Testing Activity
- Hands-on experience developing or assessing FedRAMP authorization packages and artifacts (e.g., SSP, SAP/SAR, RAR, POA&M)
- Strong understanding of FedRAMP guidance and baseline requirements
- Experience assessing cloud environments such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform
- Experience with common cloud service models (IaaS, PaaS, SaaS) and architectures
- Experience utilizing governance, risk, and compliance (GRC) tools and managing evidence workflows
- Experience with industry security frameworks (e.g., ISO/IEC 27001, SOC 2, PCI DSS)
- Ability to map and align controls across multiple frameworks
Responsibilities
- Execute and help lead NIST SP 800-53-based security assessments, with a primary focus on FedRAMP and/or DISA Impact Level IL4, IL5, and IL6 engagements
- Lead and carry out assessment activities by defining scope, managing schedules, coordinating evidence requests, conducting interviews, and establishing testing approaches
- Assess control implementation and effectiveness, identify gaps and risks, and define required remediation actions
- Produce clear, accurate, and client-ready deliverables, including assessment workpapers, control evaluation narratives, findings, and POA&M inputs, with strong attention to detail and audit rigor
- Partner with client stakeholders (security, engineering, governance, and leadership) to gather evidence and explain assessment expectations and results
- Perform quality assurance reviews of assessment artifacts developed by team members and provide mentorship to junior staff as needed
- Contribute to the ongoing enhancement of FITS assessment processes, templates, and internal knowledge resources supporting federal cloud compliance