Cloud Information System Security Engineer

H2 Performance Consulting Corporation

  • Washington DC
  • Permanent
  • Full-time
  • 1 month ago
  • Apply easily
H2 Performance Consulting is subject to the Vietnam Era Veteran's Readjustment Assistance Act as a Federal Contractor and is an Equal Opportunity/Affirmative Action Employer and strives to build a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Additionally, as mandated under Executive order 12989, H2 is required to verify employment eligibility of selected candidates through the Department of Labor’s - E-Verify.H2 Performance Consulting (H2) is seeking a Cloud Information Systems Security Engineer (ISSE). The ISSE will be responsible for the completion of Risk Management Framework (RMF) requirements and implementation.The Cloud ISSE responsibilities will include:
  • ​Obtain and maintain authorizations for Cloud authorizations in alignment to DoDI 8510.01 and the Navy Risk Management Framework (RMF) Process Guide (RPG).
  • Authorization maintenance activities include (but are not limited to) Annual Security Reviews, Plan of Action and Milestone (POAM) maintenance, Authorization to Operation (ATO) stipulations.
  • Support all Cloud Service Models to include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
  • Develop and maintain authorization artifacts and complete all required fields in the Enterprise Mission Support Service (eMASS) tool.
  • Execute NIST 800-53 control assessments and technical testing using ACAS and STIGS in alignment with the RPG and Security Control Assessor Risk Assessment Guide (SCA RAG).
  • Work with cloud native logging tools and Splunk for event management.
  • Work with Cloud Service Providers to establish inheritance profiles.
  • Work closely with engineers to perform security impact analysis of proposed system engineering changes in a large-scale enterprise network environment.
  • Engage with Operations to obtain and review ACAS and STIG results to ensure alignment with authorization baseline.
  • Support other cybersecurity processes like Command Cyber Risk Inspections (CCRI) events, Web Risk Assessments, etc.
  • Follow all established processes and recommend changes for improvement.
Qualifications and Education Requirements:
  • BS in Computer Science/Information Systems/Engineering, or a strong grasp of Computer Science/Information Systems with relevant experience.
  • Current IA certification in accordance with DoD 8570 IAM Level II.
  • Strong experience in Navy Cloud authorizations and systems.
Preferred Skills:
  • Experience working in an IT environment in an operational capacity (i.e. operations lead, project manager, systems analyst).
  • Must be able to work with minimal oversight and meet deadlines.
  • Must have effective critical thinking and problem-solving skills.
  • Must be proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook.
  • Must have short-term and long-term planning skills Hands on experience working with teams who implement technologies in the areas of Software Configuration Management, Environment Management, Testing Lifecycle Management, Release Automation, Workflow Management, Defect Management, and Cloud Migration.
  • Ability to think independently with minimal oversight, as well as demonstrate exceptional written and oral communications skills.
  • AWS certifications.
  • Familiarity with Marine Corp and DON enterprise architectures is a plus.
Qualified candidates may submit their resume to the career section of our company website at . All resumes will be reviewed within 5 business days and those candidates we wish to further in the application process will be contacted via email/phone to schedule initial phone screens.

H2 Performance Consulting Corporation