CyberSecurity Risk Management Specialist

Summary

Join Intevity as a CyberSecurity Risk Management Specialist and contribute to the company's mission of digital transformation in retail, software, and government. As a key member of the team, you will work on secure IaaS and PaaS solutions within multiple Cloud Service Provider's (CSP) and collaborate with internal and external stakeholders.

Requirements

• Currently holds TS clearance
• 90% Remote (with a home office in DC, MD, VA area)
• Candidate must have an active Security + Certification and at least one security certification such as Certified Information SecurityManagement (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
• Experience working in AWS, Azure, or GCP to secure IaaS, PaaS, and SaaS offerings
• Subject matter expertise in conducting security risk assessments for on-prem, hybrid cloud, and cloud systems
• Highly proficient in knowledge of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
• Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
• Experienced with vulnerability scanning tools and technologies such as Prisma Cloud, ACAS, Tenable.IO, Harbor, Windows Defender, etc
• Familiar with Cloud based security monitoring tools such as Azure Monitor, Windows Defender, AWS CloudWatch, AWS CloudTrail, AWS Guard Duty, New Relic, Prisma Cloud, Prometheus, etc
• Profound ability to collaborate well with internal and external stakeholders
• Strong MS Office skills along with strong verbal and written communication skills

Responsibilities

• Subject Matter Expert (SME) in data entry and processes for eMASS, SNAP, PPSM, STIG viewer, etc
• Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide Product Owners through key processes for submitting IATT, ATO, and ATO-C packages
• Support the evaluation of security controls against the IaaS and PaaS offerings provided
• Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process
• Conduct cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, DISA CC SRG, FISMA, and FIPS 199 and 200)

Preferred Qualifications

• Prior experience in the management of technology infrastructure is preferred
• Knowledge of the DoD is strongly preferred

Benefits

• Base salary ($115,000 - $135.000)
• Medical, dental, and vision insurance
• Long and short-term disability insurance
• Life insurance
• 401k program with company match
• Open PTO plan