We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Remote
Kratos Space Training & Cyber jobs

Senior Cybersecurity Consultant

Kratos Space Training & Cyber
United States, Virginia
Nov 22, 2024

Ready for What's Next? Kratos is a leader in assured aerospace communication solutions and services. We are cutting-edge innovators and creative problem solvers working collaboratively to solve our customers toughest challenges. Our culture is fast-paced and innovative. We are a trusted partneridriven by doing the right thing and achieving maximum success for our customers, our partners and ourselves.

Do you take information technology (IT) and information security seriously and want to make a difference? Helping leading-edge technology companies secure their cloud environments is at the core of what we do, and we make a difference.

As a Security Consultant of Commercial Cybersecurity Services for Kratos, you will be supporting teams of professionals working to evaluate and secure innovative cloud computing solutions on the most advanced cloud and on-premises infrastructures, by providing security consulting services and performing security assessments.

The ideal candidate will have a firm understanding of how to apply the principles of information security in a variety of circumstances and security requirements into common technical implementations. Must have previously worked on Federal Risk and Authorization Management Program (FedRAMP) assessments. While not required, experience working with other frameworks and publications, such as Department of Defense (DoD) Cloud Computing Security Requirements Guide, National Institute of Standards and Technology (NIST) Publications, Cybersecurity Maturity Model Certification (CMMC), PCI, etc.) is highly desirable.

Key Responsibilities:

Assessor Role



  • Support teams in the review and analysis of Security Packages for completeness and compliance with FedRAMP requirements.
  • Assist in the development of Security Assessment Plans (SAP), Security Assessment Reports (SAR), and security briefings.
  • Validate Cloud Service Provider (CSP) compliance with FedRAMP security control baselines through review of evidence, testing, interviews, and analysis of scans, etc. Familiarity with SSP, SAP, SAR, Plan of Action and Milestones (POA&M) Report, Deviation Requests, Significant Change Requests, Continuous Monitoring artifacts is required.
  • Conduct client interviews to assess the technical and operational effectiveness of security control implementations.
  • Assess existing security environments to validate that security implementations remain up to date throughout the life cycle of a system or environment.
  • Review security documentation and document ATPs as part of security testing for assessments. Security documentation includes but is not limited to: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, security policies and procedures.
  • Document security control implementations via Assessment Test Procedures (ATP) that appropriately reflect testing methodologies and evidence used to determine security implementation effectiveness.i


Keyword: FedRAMP, 3PAO, FISMA, Compliance, Assessment and Authorization, Provisional Authorization, FedRAMP JAB, NIST 800-53, DoD CC SRG, Security Assessment Report, Assessment Test Procedures
Required Experience:

  • Minimum Five (5) years of cybersecurity experience.
  • Required certification(s): Certified Information System Security Professional (CISSP), and have at least one other industry certification from the following list:i

    • CompTIA Advanced Security Practitioner (CASP+) Continuing Education (CE)
    • GIAC Certified Enterprise Defender (GCED)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Security Leadership (GSLC)
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • Certified Cloud Security Professional (CCSP)
    • CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP)
    • CISSP-Information Systems Security Engineering Professional (CISSP-ISSEP)
    • CISSP-Information Systems Security Management Professional (CISSP-ISSMP)
    • CyberSec First Responder (CFR)
    • Certified Chief Information Security Officer (CCISO).


  • Working knowledge of the FedRAMP process.
  • Ability and willingness to learn and support other security compliance frameworks (e.g., CMMC, HITRUST).
  • Ability to successfully pass security framework certification requirements.
  • Sufficient technical knowledge and understanding of cloud solutions, architecture, networks, protocols, cryptography, and identity and access management, at a minimum.
  • Excellent interpersonal and communication skills, both written and verbal.
  • Ability to translate technical materials and issues into non-technical/layman terms.


#LI-Remote

Competitive salary based on experience and education
Salary Range: $140,000-$150,000

Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offeringsifrom commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long-haul. We bring both the capability and confidence that our customers value and depend on. And, we always deliver.


From: Kratos Defense
Applied = 0
MORE JOBS LIKE THIS

(web-5584d87848-99x5x)