J5 Consulting is a Maryland based company established in 2006 to provide computing and consulting services for government and commercial entities. Our services improve Information System networking performance and compliance and protect electronic assets from loss and compromise. We welcome your application to receive consideration for the following position.

This position is available immediately.

Job Overview:

The Customer manages security assessment, security compliance, change management, and continuous monitoring responsibilities across cloud service providers.
The Customer requires support in understanding and implementing standards like ICD 503, NIST Risk Management Framework, and cloud technologies. The work requires a healthy mix of technical and policy knowledge. The work will be driven by the Customer’s needs and priorities.
This position will:

• Manage security assessment, security compliance, change management, and continuous monitoring activities across five cloud service providers through the Customer’s office.
• Assess cloud security technologies for security gaps and weaknesses according to industry standards.
• Analyze security scan findings and perform risk analysis on security scan findings.
• Review cloud security body of evidence packages for completeness and accuracy.
• Collaborate with other internal components and security peers to determine security and potential weaknesses of cloud infrastructure and cloud services.
• Advise Customer leadership on cloud security services.
• Analyze system alerts to determine if a security weakness exists and document risk mitigation procedures.
• Sustain and evolve the Customer’s standard operating procedures to meet Program Objectives.
• Facilitate technical exchange meetings (TEMs) with cloud service providers to review cloud service architectures.

Contractor shall have the following required skills, certifications and demonstrated experience:

• The Contractor shall have the following required skills, certifications and demonstrated experience:
• Demonstrated experience facilitating Technical Exchange Meeting (TEM) with cloud service providers to review cloud service architectures.
• Demonstrated experience maintaining assessment and authorization packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements.
• Demonstrated experience designing, implementing, assessing or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, IBM Cloud, or Microsoft Azure cloud architecture.
• Demonstrated experience utilizing or reviewing cross domain technology and common architecture designs.
• Demonstrated experience consulting project teams on system architecture and security posture.
• Demonstrated experience with continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid 7, Nessus or Qualys.
• Demonstrated experience creating, monitoring, or closing system or service Plans Actions and Milestone items (POA&Ms).
• Demonstrated experience utilizing compliance tools to track assessment and authorization activities such as Xacta 360, Service Now, or RSA Archer.
• Demonstrated experience with the common control provider concept within the NIST Risk Management Framework.
• Demonstrated experience with security control assessments (SCAs) to include working with SCAs and preparing security packages for SCAs.

Highly desired skills and demonstrated experience:

Skills and demonstrated experiences that are highly desired but not required to perform the work include:

• Demonstrated experience using the Customers or similar element assessment and authorizing process.
• Demonstrated experience creating or reviewing A&A body of evidence documentation in a cloud security environment.
• Demonstrated experience identifying, implementing, or reviewing appropriate information security controls.
• Demonstrated experience working in Xacta 360.

____________________________________________________________________

US Citizenship:

• This position requires US Citizenship. Verification of US Citizenship to meet federal government security requirements will be confirmed.

Security Clearance:

• The successful candidate must have an active U.S. Government Top Secret Security Clearance with a Full Scope Polygraph.
• Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

Travel:

• This position is expected to be onsite. The position will be located within the Washington Metropolitan Area (WMA). 
• Local travel/POV will be on an as needed basis, within the local place of performance.
• Temporary Duty (TDY) travel is anticipated within the Continental United States (CONUS).

______________________________________________

This position is available immediately.

J5 Consulting offers excellent benefits and compensation packages. We are an Equal Opportunity Employer committed to providing fair and equal employment opportunities to all employees and applicants without regard to race, color, religion, gender, pregnancy, sexual orientation, national origin, age, disability, genetic information, veteran or military status, or any other characteristic protected by applicable laws.