Employment Type: Full Time Salary Exempt open to 1099
Schedule: 8-hour; Monday – Friday Core working hours 9-3:30
Location: Remote hybrid onsite 2-3 days a week in DC
Employment Status: Must be a US Citizen
Security Clearance: Active Top Secret Clearance or higher
Education: BA/BS or higher preferred
Industry: Federal Government Contracting
Trewon Technologies is a competitive firm providing enterprise-wide solutions to federal clients. Trewon brings a sophisticated service line in IT-related solutions from Business Intelligence, Data Analytics, Big Data, to Cloud technologies coupled with a diverse skill set in research and evaluation to federal clients. While working in specified fields, we also understand the importance of meshing business process optimization with solid data and program management. Become an integral part of a diverse team that strives to meet an array of needs for our customers. We are currently seeking a motivated Cloud Systems ISSO to join an exciting and rewarding effort with Trewon Technologies, LLC. Please visit our website at www.trewon.com.
Summary/Objectives:
Increase cloud oversight and management support, enabling the ISSO to keep pace with the growing move toward cloud technology and platforms. The move of various platforms to the cloud requires an increase in ISSO oversight responsibility. We are seeking a skilled candidate with knowledge of cloud services who can meet the immediate needs of the migrated systems, automated processes, policies, and plans, ensuring appropriate ISSO oversight as prescribed by ISO/IEC 27018:2019 (Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds), in accordance with E.O. Order and FISMA 2002 reporting.
- Enable quick and easy planning, development, creation, and interpretation of federal and department cloud-related cybersecurity policies.
- Identify areas requiring further guidance, recommend corrective action, and provide ISSO Oversight and guidance as directed.
- Aid cloud system owners and domestic and overseas ISSOs in planning, designing, developing, testing, and facilitating cloud system cybersecurity functions and policies, including A&A of platforms and major systems that reside in the cloud.
Duties and Responsibilities:
- Assist in developing, updating, and maintaining cybersecurity policies, plans, and procedures.
- Analyze vulnerability scans and recognize vulnerabilities in security systems on classified, unclassified, and other networks, including Dedicated Internet Networks (DINs) and cloud networks.
- Recognize vulnerabilities in security systems (e.g., through vulnerability and compliance scanning).
- Collect data from a variety of cyber defense resources and present the results in a data visualization application, i.e., Power BI.
- Navigate the Microsoft Azure portal for cloud environment management. Understand Microsoft Defender for Cloud and be able to read its Recommendations and Security Alerts.
- Read and update internal policies and plans, ensuring appropriate ISSO oversight.
- Navigate the FedRAMP portal.
- Have used a variety of security scanning and event correlation tools within AWS, Microsoft SCC, Google environments, etc.
- Interact frequently (daily) with other IT and cybersecurity engineers and technicians within the office to provide full lifecycle redesign, maintenance, and support of the ISSO mission, priorities, and taskings.
- Track installations, gather and analyze requirements, create and report analytics, develop tutorials, promotional aids, and media, and prepare memoranda, spreadsheets, calendars, and other artifacts, as needed.
Other skills:
- Highly organized with the ability to work on multiple simultaneous efforts.
- Proficiency in virtual communication tools and Microsoft Office Suite.
- Demonstrated problem solving, organizational and time management skills.
- Experience in supporting Federal Government agencies, community-based organizations, or direct customer-facing projects.
- Effectively lead others to achieve shared goals through cooperation, sharing knowledge, joint problem-solving, and celebrating success.
- Basic Word, Excel, and PowerPoint skills, including formatting, designing basic quantitative graphs/figures, and slide design, if needed.
- Proven understanding of quantitative and qualitative research methodologies.
Qualifications:
The requirements listed above and below are the knowledge, skills, experience, and abilities required to perform this job successfully. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- An undergraduate degree and the ability to self-direct through completing an oversight engagement: planning the engagement, conducting the kick-off meeting, maintaining ongoing communication with the systems group, reviewing security documentation to understand the security posture, and writing up reports of findings, risks, and recommendations.
- 4+ years of experience with the NIST Risk Management Framework (RMF) and its implementation for a successful Authorization and Accreditation (A&A) process and Authority To Operate (ATO) package.
- 2+ years of experience with a variety of security scanning and event correlation tools within AWS, Microsoft SCC, Google environments, etc.
- Professional certifications such as Security+, AWS, MS Azure, Google Cloud certification, ISACA CEH, ISC2 CISSP, and PMI-PMP are desirable but not required.
- Understanding of cybersecurity practices and the Federal Risk Management Framework with experience collaborating closely with stakeholders and end users.
- Reporting experience with business intelligence solutions such as Tableau, Power BI, and Excel.
- Ability to operate effectively in a fast-paced environment with competing, shifting priorities.
- Experience delivering presentations and leading client meetings. Excellent written, verbal, and presentation skills.
- NIST standards: 4 years (Required)
Job Type: Full-time
Work Location: In person