AWS Assessor

Responsibilities

• Implement security strategies tailored to our cloud-based environments (including but not limited to Amazon AWS, Google Cloud Platform, and Microsoft Azure).
• Conduct cloud security assessments to identify vulnerabilities and risks in the cloud infrastructure.
• Understanding of FedRAMP and FedRAMP assessment requirements.
• Analyze the organization's cloud security requirements and recommend improvements.
• Analyze vulnerabilities and risks from Cloud Security Posture Management (CSPM) tools to identify ineffective or missing security controls.
• Prepare security compliance reports containing the results and findings from the cloud assessment.
• Complete and execute a cloud Security Controls Test (SCT) plan.
• Provide the final cloud analysis report and summarize the findings as well as detailed findings.
• Review and analyze cloud system artifacts for accuracy, completeness, in support of an authorization to operate (ATO) requests.
• Required Qualifications:
• Must be able to obtain a DoED Level 6 High Risk/Public Trust Security Clearance
• Bachelor's degree or equivalent and at least five (5) years related experience.
• At least five (5) years of experience as a Security Controls Assessor or similar audit findings response role with a focus on cloud-based security.
• Experience with Cloud security architecture, network security, identity, and access management.
• Solid knowledge of risk assessment tools, technologies, and methods.
• Proven experience with Cloud Security Posture Management (CSPM) tools, security as code methodologies, and container security.
• Excellent communications and interpersonal skills.
• Experience with security audits and compliance.
• AWS Certified Cloud Practitioner certification or higher.
• Good familiarity with and understanding of all relevant government and agency policies and procedures to ensure system documentation is compliance with relevant guidelines, e.g., FedRAMP, RMF, FISMA, FIPS-II, NIST, etc.
• Certified in Risk and Information Systems Control (CRISC), Certified Authorization Professional (CAP), or equivalent certification required.

Requirements

• Top Secret clearance preferred.
• CISSP, CEH, GPEN or equivalent certification preferred.
• Experience with AWS Security Hub preferred.

Benefits

Additional Information

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively - anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results. This is a contingent position based upon customer approval. SkyePoint Decisions is seeking an AWS Assessor to join our team for a government contract. This Assessor is responsible for leading the Risk Management Engineering (RME) team in planning and preparation for security assessment and authorization (A&A) as part of the Departments Information Assurance policy. The AWS Assessor is responsible for conducting a comprehensive assessment of implemented controls and control enhancements to determine the effectiveness of the controls, i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security and privacy requirements for the system and the organization.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at skyepointdecisionsinc? Share your experience