Key skills
CloudPenetration Testing
About this role
Role Overview
- Maintain DoW IL5 authorizations and drive the strategy to expand into classified IL6 environments through strong continuous monitoring
- Lead RMF accreditation/authorization activities (SSPs, POA&Ms, SARs) and manage the significant change process with security impact and risk assessments
- Implement and operationalize sustainable GRC controls, policies, standards, and procedures aligned to DoW SRG, CNSSI 1253, and DISA STIGs; partner cross-functionally to remediate findings and improve security posture
- Oversee secure architecture and assurance (e.g., threat modeling, penetration testing/red teaming) and ensure audit/assessment readiness
- Support incident response and reporting, lead tabletop exercises, and drive continuous improvement; serve as the primary liaison to AOs/government stakeholders/assessors and build a distributed IA team aligned to business and mission objectives
Requirements
- Experience as a key contributor in obtaining DoW IL5 and IL6 authorizations and advising the business on the strategy
- Deep understanding of NIST 800-53 Rev 5, DoW Cloud Computing SRG, CNSSI 1253 and how the control requirements translate to practical implementations of GRC controls in distributed environments
- Experience with driving US Government compliance audits and the remediation of risks identified from audits
- Bachelor's degree in Information Technology (e.g., CIS, CS) or a relevant field and certifications such as CISSP
- Must be a U.S citizen, holder of an active U.S. Secret or Top Secret security clearance is a plus.
Tech Stack
- Cloud
Benefits
- Various health plans
- Time off plans for vacation and sick time
- Parental leave options
- Retirement options
- Education reimbursement
- In-office perks, and more!