Senior FedRAMP Specialist

Position: Senior FedRAMP Specialist (CO-003)

Position Open: March 24, 2020

Salary Range: $150k to $200k

Shift: 1st shift 9AM – 5PM EST with ad-hoc on call for emergencies or incidents (United States of America) (Remote, some on-site may be required)

Hours Per Week: 40

Benefits: 401(k); Medical, Dental and Vision Insurance, PTO


Position Description: Seeking an experienced senior-level FedRAMP specialist. Must be able to independently develop all documentation for a complete authorization package. Must be very experienced with conducting all aspects of a FedRAMP 3PAO assessment. We are looking for someone with diverse experience who can conduct assessments, create documentation packages, and also provide FedRAMP advisory services to clients.

  • Excellent verbal and written communication skills
  • Ability to work self-directed in a remote environment
  • Exceptional organizational abilities and attention to detail
  • The ability to think creatively to find solutions to complex problems
  • The ability to work both independently and collaboratively within a larger team
  • In-depth knowledge of FedRAMP/RMF-related security documentation
  • Experience with industry vulnerability scanning programs: Tenable, Nessus, etc.
  • Experience with web-based office and collaboration tools: Slack, Zoom, Gmail, G-Suite, SmartSheets
  • 8 years’ experience working directly with Federal Compliance frameworks
  • 5 years managing Federal Compliance projects and developing a complete FedRAMP Authorization package (SSP, IRP, CMP, etc.)
  • Formal experience and training conducting FedRAMP 3PAO and/or RMF Assessments
  • 5 years’ experience working independently and/or in a remote environment


  • Develop complete FedRAMP Authorization packages independently
  • Prepare, review, update, and maintain supporting security artifacts
  • Provide FedRAMP advisory services to clients and guide them through the assessment process
  • Research and assess cyber security policies, procedures, legislation and implementation such as FISMA, FedRAMP, RMF, NIST and FIPS Special Publications
  • Analyze and identify risks and provide recommendations to mitigate vulnerabilities identified during assessments
  • Develop comprehensive security assessment plans and reports in accordance with authorization policies including FedRAMP, RMF, and RMF for DoD IT
  • Perform comprehensive compliance, security, and risk assessments for pre-launch and existing systems
  • Work with a team to design and deploy security architecture & automation for threat detection, tactical response, and recovery processes
  • Perform testing and review of compliance security controls
  • Assist in developing automated programs for enterprise information security and its related components
  • Serve as a compliance subject matter expert for Federal and commercial vendors


  • Minimum of 5 years of professional experience in managing Federal Compliance projects
  • 8 years’ experience working directly with Federal Compliance frameworks
  • Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience

Job Type: Full-time

Salary: $150,000.00 to $200,000.00 /year

Application Question:

  • Have you written a FedRAMP package from scratch?
  • Have you written SSP control implementation statements before?
  • Have you written SSP system descriptions before?
  • Have you gotten any CSPs through the FedRAMP process with an ATO?
  • Have you worked with 3PAOs before?

Additional Compensation:

  • Bonuses

Work Location:

  • Fully Remote


  • Health insurance
  • Dental insurance
  • Vision insurance
  • Retirement plan
  • Paid time off
  • Work from home

This Job Is Ideal for Someone Who Is:

  • Dependable -- more reliable than spontaneous
  • Adaptable/flexible -- enjoys doing work that requires frequent shifts in direction
  • Detail-oriented -- would rather focus on the details of work than the bigger picture
  • Achievement-oriented -- enjoys taking on challenges, even if they might fail
  • Autonomous/Independent -- enjoys working with little direction


  • Monday to Friday
  • Day shift
  • 8 hour shift

Company's website:


Work Remotely:

  • Yes