Sr. Associate, FedRAMP Assessment

About The Position

Requirements

• 3- 4 years of experience in cybersecurity, compliance, or IT auditing.
• Foundational knowledge of NIST SP 800-53 security controls and FedRAMP authorization processes.
• Experience with cloud platforms (AWS, Azure, or GCP) from a security or compliance perspective.
• Strong verbal communication and documentation skills .
• Strong analytical and problem-solving skills to assess security and compliance challenges and provide practical solutions.
• Effective time management and organizational skills and an ability to adapt in a rapidly changing environment.
• Relevant certifications such as Security+, Cloud+, CAP, or CISA (or working toward them).
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field.

Nice To Haves

• Experience supporting a cybersecurity consulting engagement preferred.

Responsibilities

• Assist in executing FedRAMP Security Assessments in accordance with NIST SP 800-53 and FedRAMP PMO requirements.
• Support the development of Security Assessment Plans (SAP) and Security Assessment Reports (SAR).
• Collect, review, and organize evidence in support of control assessments.
• Interview clients based on assigned controls.
• Respond to client questions/comments regarding assigned controls.
• Participate in control testing activities including vulnerability scan validation, configuration reviews, and system walkthroughs.
• Support client communications, status meetings, and coordination during the assessment lifecycle.
• Document technical findings, observations, and test results in the Test Case Workbook.
• Update secure repository status for assigned controls.
• Escalate assessment findings and/or client issues to project lead upon discovery.
• Maintain up-to-date knowledge of FedRAMP, FISMA, and NIST cybersecurity guidance.