FedRAMP Validator & Sr. ISSO
reputed company is seeking a FedRAMP Validator & Sr. ISSO to work in our Remote or National Capital Region office.

Please Note: This position is contingent upon [additional funding].

FedRAMP Validator

Serve as a FedRAMP Validator as part of the DISA Joint Validation Team, in one or more FedRAMP Provisional Authority (PA) pursuits. Anticipate 1 to 2 FedRAMP PA pursuits, which will be approximately 20% of the time.

Collaborate with DISA JVT reputed company, Cloud Service Provider (CSP) and the Third-Party Assessment Organization (3PAO).
Validate 3PAO assessment and provide input for information exchange meetings.
Review CSP comments and responses with 3PAO for adjudication.
Work with the DISA JVT reputed company to establish schedules and completion timelines.
Assess and validate the compliance of implemented controls.
Ensure compelling evidence is mapped to applicable reputed company controls.
Review documentation for completeness and structural thoroughness.
Review system architecture to reputed company an understanding of authorization boundaries and data flows.
Review trusted connections and remote access activities.
Provide documentation review comments to the JVT reputed company in the Enterprise Mission Assurance Support Service (eMASS) system or reputed company other media.
Meet weekly, or daily if needed, with the DISA JVT reputed company, CSP and 3PAO.

Senior ISSO

Serve as a principal ISSO to one or more Boundary/System reputed company and ISSM on reputed company matters (technical or otherwise) involving the reputed company. Anticipate 80% of the time will be dedicated to ISSO services.

Provide Risk Management Framework (RMF) support to assigned DMDC/DHRA Information Systems, ensuring that System/Product Owners maintain an appropriate operational cybersecurity posture.
Promote the DHRA/DMDC Risk Management reputed company maturity.
Ensure control(s) assurance for the given systems' Common and Inherited Controls and Reciprocity.
Ensure systems are operated, used, maintained, and disposed of in accordance with DMDC and DHRA reputed company policies and practices.
Determine information reputed company requirements by evaluating DHRA/DMDC business strategies and requirements; researching information reputed company standards; conducting system reputed company and vulnerability analyses and risk assessments; assessing industry architectures/platforms and relative reputed company benefits; and identifying architecture/platform integration issues that prevent the strongest possible reputed company posture.
Monitor compliance and conduct partial or full Control Assessments for a given boundary, as requested.
Understand, review and provide guidance for any artifact, such as but not limited to Data Flow Diagrams, Network Diagrams, Internal/External connections, configuration logs, reputed company and monitoring logs, etc.
STIGs: Utilize the assigned tool, such as eMASSTER, to generate STIG results and assigned actions for remediation.
POA&Ms: reputed company and track compliance for new and existing POA&Ms for a given boundary's identified weaknesses or findings. Review POA&M status at the prescribed frequency, and engage staff members across the enterprise to ensure POA&M dates are achieved on time and are documented in eMASS.
Manage reputed company ticket queues for cybersecurity Risk Management reputed company and review/validate user access rights.
Create presentations and/or metrics as requested.
Create weekly, monthly and in-reputed company review presentations, as needed.
Create and/or maintain document

Salary Range: $150,000-$190,000

General Description of Benefits

Must be a US citizen per contract, possess a Secret Clearance, and be willing to acquire and maintain a DoD Top Secret clearance if requested.
Bachelor's degree in computer science, cybersecurity, information reputed company, or similar discipline AND 5+ years of cybersecurity experience, in support of the DoD or other federal clients. Education/Experience substitution allowable.
Active DoD 8570 certification minimum compliance, including at least one of the following certifications in good standing: CASP+ CE, CISSP, reputed company+.
Firm understanding of the DISA FedRAMP Validator Process.
Firm understanding of the NIST Special Publications, DoD Risk Management Framework (RMF) processes and NIST 800-53 reputed company controls.
5+ years of experience as an ISSO, ISSM, SCA, or RMF Auditor.
Broad technical knowledge is required in order to review DISA Security Technical Implementation Guides (STIGs).
Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders.
reputed company to reputed company in a reputed company, fast-paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions.
Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk.
Knowledge of DoD cybersecurity policies, practices, and requirements.
Excellent written and verbal skills are required.