We use cookies to improve your experience on our site. To find out more, read our privacy policy.

DE Jobs

Search from over 2 Million Available Jobs, No Extra Steps, No Extra Forms, Just DirectEmployers

Home View All Jobs (2,279,731)

Job Information

ASM Research, An Accenture Federal Services Company Cloud Risk and Compliance Analyst in Bethesda, Maryland

Operations Security Advisor I – Cloud Risk and Compliance Analyst

Candidate will be expected to work on customer site up to two days per week.

  • Provide Risk Management Framework (RMF) subject matter expertise to the client.

  • Experience implementing security controls and compliance with a Cloud Service Provider CSP (AWS or Azure)

  • Support ongoing compliance activities and monitoring efforts across applicable Regulations and Standards (NIST-800-53, FedRAMP)

  • Collaborate with cross-functional teams to implement compliance initiatives and security controls

  • Monitor and track activities related to control remediation or corrective action.

  • Partner with business and IT teams to develop and deliver risk mitigation plans, implement additional control activities, or document risk acceptance

  • Experience with FedRAMP compliance, Cloud systems and the Customer Responsibility Matrix (CRM)

  • Coordinate with Authorizing Officials, System Owners, Engineers, ISSO and other applicable teams to create and update SSPs, SARs, SIAs, Security Impact Analysis and other applicable documentation for legacy on-prem and Cloud systems.

  • Assess and determine the NIST 800-53 Control Status for multiple ATOs.

  • Update and maintain POAMs and ATO packages in CSAM

  • Ensure assessment and authorization packages are in compliance with Federal government compliance and client requirements.

  • On-time submission of contract deliverables with special attention to quality and accuracy.

  • Monitor, track, and report on daily, weekly, and monthly team program initiatives.

  • Evaluate configuration management (CM) for information system security software, hardware, and firmware.

Other Job Specific Skills:

  • Experience and knowledge of NIST SP 800-37, NIST SP 800-53r5, FedRamp

  • Experience and knowledge of performing risk and vulnerability assessments for the purpose of change management (SIA).

  • POAM management, tracking and reporting.

  • Experience with RMF and Cloud authorization processes and procedures.

  • Experience with categorization of Federal government systems.

  • Experience in policy implementation with a Federal government client.

  • Technical writing skills to include SOPs and Control Implementation.

DirectEmployers