Triumph Enterprises--Corporate Headquarters

  • Cloud SME

    Job ID
    2019-2181
    Location
    US-MD-Bethesda
    Posted Date
    1 month ago (1/14/2020 7:38 PM)
  • Job Description

    Triumph Enterprises is currently looking for a FISMA Analyst with strong experience and a background in Cloud Computing and FedRAMP. The ideal candidate for this position is a security professional with experience in implementing and communicating Federal Risk and Authorization Management Program (FedRAMP) and Federal Information Security Modernization Act (FISMA) compliance for the Federal government. The Analyst is responsible for helping to build and mature the agency’s Information Security Program by focusing on the Risk Management and Security Authorization activities in accordance with the applicable National Institute of Standards and Technology (NIST) 800 series guidelines and the Federal Information Processing Standards (FIPS). The Analyst will report to the Team Lead and perform and manage tasks related to the entire Assessment and Authorization (A&A) lifecycle.

    Beyond your technical expertise (outlined below), you must be resourceful, detail-oriented, and 100% client focused, with a continuing passion for your profession. The rewards of joining Triumph Enterprises will include competitive compensation, exceptional benefits, matching 401K, and professional/training development allowances that exceed many companies of larger size and stature.

    Responsibilities

    • Develop and update the information systems security documentation templates (e.g. System Boundary development, System Security Plan (SSP), Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, eAuthentication, Privacy Threshold Analysis, etc.) based on changing NIST and federal guidance
    • Train and assist System Owners, ISSOs, and other stakeholders in understanding documentation requirements. Review completed templates to ensure completeness and accuracy
    • Assist in coordinating remediation of Plan of Action and Milestones (POA&M) findings with various organizations within the enterprise
    • Respond to multiple customer inquiries regarding A&A utilizing a ticketing system; ensure timely and complete responses occur
    • Develop and process waivers and exceptions for information system weaknesses and vulnerabilities
    • Facilitate Security Control Assessments (SCAs) and possibly other advanced-level Continuous Monitoring Activities within cloud-based environments
    • Work with the clients to develop capabilities briefings and presentations in support of the program
    • Coordinate with ISSOs across the organization to ensure timely compliance with Federal and organizational policies and procedures
    • Produce required reporting for various management levels
    • Conduct a FedRAMP readiness study to provide the Agency with an assessment of their capabilities to achieve FedRAMP accreditation. This includes performing a current state FedRAMP readiness review of the Agency on-premises cloud capabilities and providing the Agency with a roadmap to become FedRAMP accredited
    • Lead the development, assessment, and analysis of cyber security documentation for client information systems in accordance with FISMA, NIST RMF for Federal Agencies, RMF, FedRAMP, and departmental standards
    • Provide guidance to clients for FedRAMP and Cloud Security
    • Develop and maintain the Fed PaaS Technology Roadmap that incorporates Fed Cloud, Fed NonCloud, NIST Cloud, and AWS GovCloud environments

    Qualifications / Requirements

    • Ability to obtain a public trust clearance
    • Bachelor’s degree
    • Minimum of 5 years of experience, with three years specialized in information security-related work
    • Strong customer-service attitude, ability to multi-task and work independently
    • Strong in-person, written and verbal communication skills
    • Proficient with Cloud-based architectures
    • Subject Matter Expert (SME) knowledge of Cloud Computing and FedRAMP
    • Knowledge of cloud computing service models (e.g. PaaS, IaaS, SaaS) as they relate to FedRAMP authorization
    • Detailed knowledge of NIST security standards and compliance measurements
    • Working experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, 800-171 and FedRAMP
    • Strong knowledge of network and systems design principles
    • High aptitude for learning (self-study and as a part of a team)
    • Experience with Amazon Web Services, Microsoft Azure, or other IaaS models
    • At least one of the following certifications: CISSP, CISA, CAP and/or Security+
    • Experience with the Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance

    Preferred Experience

    • Understanding of the NIST guidance for Ongoing Authorization
    • Skilled in Microsoft Office programs (Excel, Word, PowerPoint, MS Project, etc.)

    Company Overview

    Triumph is an employee-owned information technology (IT) company specializing in Program Management, Administrative Services, and Network and IT Support Services. Incorporated in Virginia in 2005, Triumph has risen to meet the Federal Government’s growing need for mission-critical Cybersecurity, Business Intelligence, Analytics, Data Visualization, and Program Management expertise and has cultivated a track record of success. Our pursuit of excellence is driven by an emphasis on Client Focus, Integrity, Imagination, and Employee Engagement – the Core Values that motivate and inspire our leadership, business practices, and company culture.

    Triumph participates in e-Verify. We provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee’s I-9 Form to confirm work authorization. Triumph is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status or any other status defined by law. Go to www.triumph-enterprises.com to learn more about Triumph.
