Job Responsibilities

📍Experience conducting vulnerability assessments, system audits, and risk analysis using industry-standard scanning tools (e.g., Nessus, Azure security tools, Tenable, Burpsuite, etc…) to support a proactive security posture. 📍Manage and implement continuous monitoring processes to ensure the organization maintains compliance with a variety of information security frameworks, including ISO 27001:2022 and SOC 2 Type II. 📍Experience with government compliance standards such as FedRAMP (NIST SP 800-53) and CMMC is preferred. This role focuses on ensuring robust security practices and adapting to evolving compliance requirements. 📍Collaborate closely with IT, DevOps, Engineering, and Compliance teams to enforce security policies, procedures, and best practices. 📍Actively monitor, analyze, and respond to security alerts and incidents, performing investigations, incident handling, and recommending corrective actions. 📍Provide expert guidance on security matters to support secure development and operations. 📍Assist in developing, managing, and updating security documentation, including System Security Plans (SSPs), Plan of Actions & Milestones (POA&Ms), and other Risk Management Framework artifacts required by FedRAMP 📍Applying and validating Security Technical Implementation Guides (STIGs) and government guidelines to configure and secure systems according to federal standards across multiple OS’s, system types, and technologies