AWS Assessor

About The Position

Requirements

• Must be able to obtain a DoED Level 6 High Risk/Public Trust Security Clearance
• Bachelor’s degree or equivalent and at least five (5) years related experience.
• At least five (5) years of experience as a Security Controls Assessor or similar audit findings response role with a focus on cloud-based security.
• Experience with Cloud security architecture, network security, identity, and access management.
• Solid knowledge of risk assessment tools, technologies, and methods.
• Proven experience with Cloud Security Posture Management (CSPM) tools, security as code methodologies, and container security.
• Excellent communications and interpersonal skills.
• Experience with security audits and compliance.
• AWS Certified Cloud Practitioner certification or higher.
• Good familiarity with and understanding of all relevant government and agency policies and procedures to ensure system documentation is compliance with relevant guidelines, e.g., FedRAMP, RMF, FISMA, FIPS-II, NIST, etc.
• Certified in Risk and Information Systems Control (CRISC), Certified Authorization Professional (CAP), or equivalent certification required.

Nice To Haves

• Top Secret clearance preferred.
• CISSP, CEH, GPEN or equivalent certification preferred.
• Experience with AWS Security Hub preferred.

Responsibilities

• Implement security strategies tailored to our cloud-based environments (including but not limited to Amazon AWS, Google Cloud Platform, and Microsoft Azure).
• Conduct cloud security assessments to identify vulnerabilities and risks in the cloud infrastructure.
• Understanding of FedRAMP and FedRAMP assessment requirements.
• Analyze the organization's cloud security requirements and recommend improvements.
• Analyze vulnerabilities and risks from Cloud Security Posture Management (CSPM) tools to identify ineffective or missing security controls.
• Conduct comprehensive cloud assessment of implemented controls and control enhancements to determine the effectiveness of the controls, i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security and privacy requirements for the system and the organization.
• Prepare security compliance reports containing the results and findings from the cloud assessment.
• Complete and execute a cloud Security Controls Test (SCT) plan.
• Provide the final cloud analysis report and summarize the findings as well as detailed findings.
• Review and analyze cloud system artifacts for accuracy, completeness, in support of an authorization to operate (ATO) requests.

Benefits

• In addition to a competitive salary, SkyePoint offers benefits including a certification incentive program, PTO, floating federal holiday options, several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, Vision, ST/LT Disability, Life Insurance, and 401k matched
• Great Benefits: Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, ST/LT Disability, Life Insurance, floating federal holiday options, and 401k matched
• Certificate Incentive Program: To promote professional development, we recognize and reward employees who obtain new certifications aligned with business needs.
• Flexible Work Environment