xRAMP Assessment - Consultant
SecureIT is a leading provider of cybersecurity, cloud and compliance advisory services. We are committed to quality and the relationships that we build with our clients.
At SecureIT, you will work alongside industry experts, tackling complex challenges to educate, guide and protect our clients. We foster an environment of continuous learning, professional growth and collaboration. SecureIT offers an exciting and rewarding career path with an excellent benefits package.
Reach out today if youre ready to join our impactful team!
We are currently hiring a Consultant as part of our xRAMP Assessment team.
Responsibilities include but are not limited to:

• Assessing NIST 800-53 Rev 5 controls against FedRAMP baselines
• Assessing NIST 800-53 control categories
• Reviewing client documentation for completeness and accuracy in addressing FedRAMP controls
• Developing interview questions and interviewing clients based on assigned controls
• Testing assigned controls based on artifacts provided/obtained
• Documenting assessment results/findings for assigned controls in the Test Case Workbook
• Updating secure repository status for assigned controls
• Responding to client questions/comments related to assigned controls
• Escalating assessment findings and/or client issues to project lead upon discovery
• Assisting with project coordination
• Assisting with development of Security Assessment Plan, Risk Exposure Table, and Security Assessment Report
• Providing technical guidance to less experienced assessors
• Updating timekeeping/project resourcing tool with appropriate hours worked and tasks completed

Requirements:

• 5 years of progressive experience in technical security assessment in a professional services capacity including 2 years of experience with FedRAMP
• Excellent oral and written communication skills for deep technical matters and higher -level general concepts
• Bachelors degree in Computer Science, Information Systems, Cybersecurity or a related discipline
• Current knowledge of and experience with FedRAMP (rev.5) requirements and strong level knowledge of NIST 800-53 control families
• Strong analytical skills
• Widespread understanding of cloud computing technologies
• In-depth experience assessing (or advising on) architectures, configurations, and technical cyber/compliance best practices
• Must have the Certified Information System Security Professional (CISSP) certification along with one of the following:
• CompTIA Advanced Security Practitioner (CASP ) Continuing Education (CE)
• GIAC Certified Enterprise Defender (GCED)
• GIAC Certified Incident Handler (GCIH)
• GIAC Security Leadership (GSLC)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Cloud Security Professional (CCSP)
• CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP)
• CISSP-Information Systems Security Engineering Professional (CISSP-ISSEP)
• CISSP-Information Systems Security Management Professional (CISSP-ISSMP)
• CyberSec First Responder (CFR)
• Certified Chief Information Security Officer (CCISO)

In addition to the above required certifications, successful completion of the BCR (Baltimore Cyber Range) is preferred.