Enterprise - Information System Security Officer - RMF, AWS, Kubernetes

Erias Ventures was founded to serve its customers with an entrepreneurial mindset. We valuecreative problem-solvingopen communication andempowering our employeesto make decisions and put forth new ideas.

Our staff includes technical experts working across multiple disciplines bringing diverse perspectives to every project. We are seeking engineers who wish to grow their careers and want to become part of atechnicallystrongandgrowth-orientedcompany focused on bringinginnovative solutionsto the difficult mission problems facing our customers.

Description
We are is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the Cybersecurity and Infrastructure Security Agencys (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats. We are responsible for designing building deploying operating and maintaining a complete Data Services solution which includes the collection normalization visualization and sharing of cyber data from more than 100 Federal agencies. The CDM Data Services product is an integrated suite of multiple Commercial Off the Shelf (COTS) products software configuration packages and custom code which work together to operate as an integrated solution tailored to meet Department of Homeland Security (DHS) requirements.

We are seeking professionals who thrive in a dynamic fast-paced and highly collaborative environment where problem-solving critical thinking and a holistic approach to serving the mission are key. Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning improvement and cyber security is a must!

We are is seeking a talented diligent and energetic Security Analyst. The ideal candidate will be able to assess security risks analyze security data and develop and implement security strategies to protect the programs technology infrastructure and data. They will implement and support all functions related to attaining and maintaining an authority to operate to include documentation analysis policy compliance and the regular execution of system security activities. They will have a deep understanding of network protocols operating systems and cybersecurity best practices to guard against all potential cyber threats. The ideal candidate will be able to align to the following duties:

• Apply experience of RMF Steps 1 through 4; significant experience producing Information Security documents (System Security Plan Privacy Assessments PIA PTA Risk Assessment Incident Response Disaster Recovery Interconnection Systems Agreements BIA ISA etc)
• Assist with production-systems data management analyzing performance identifying problems and developing recommendations that support cybersecurity initiatives
• Collaborate with cross functional teams to collect analyze and present recommendations regarding security posture risks and mitigations in addition to brief technical vulnerabilities and system non-compliance based on Information Security policy
• Develop revise and capture system-specific workflows and processes that align with compliance and program governance based on relevant guidelines and regulation
• Evaluate system functions for writing security control language for the satisfaction of an authority to operate
• Document security best practices and standard operating procedures and collaborate with other teams to support cross cutting processes
• Assess the impact of system vulnerabilities identified manually or by security scans and provide courses of action recommendations and remediation support
• Maintain system security awareness through regular monitoring and alerting
• Maintain accuracy of all security documents necessary for compliance throughout the systems lifetime
• Document and track POA&Ms from creation to completion
• Create and maintain dashboards to inform cyber risk posture

Clearance
US citizenship with ability to obtain Public Trust SuitabilityRequired skills:

• Bachelors degree or 5 years of relevant experience
• 3 years operating in the Federal cyber security domain spanning governance and risk management business continuity and disaster recovery encryption software development security access control network security / secure architecture and security operations
• 3 years experience reviewing and/or configuring AWS Organizations CloudFormation and/or Terraform Infrastructure as Code
• 3 years of infrastructure and network security experience
• 3 years implementing NIST RMF and writing security control responses across all control families
• 3 years delivering Federal cybersecurity reporting and compliance requirements
• 3 years evaluating system security posture from the application level to underlying infrastructure
• 1 year supporting systems deployed in cloud hosting environments
• 1 year experience communicating security concepts governing policy and compliance with both technical and non-technical personnel in oral and written mediums

• Ability to administer and/or configure Kubernetes
• Ability to execute agent and agentless security scans (i.e. Splunk Nessus Burpsuite)
• Ability to evaluate code logic and data flows within COTS and custom applications
• Familiarity with DHS CISA and the Continuous Diagnostics and Mitigation (CDM) program
• Familiarity with AWS well architected framework
• Familiarity with Cloud-based security requirements and implementation of best practices
• Familiarity with code repositories particularly Git/GitHub
• Relevant cybersecurity certifications including CISSP CISM Security etc.

Benefits
Erias Ventures provides a complete package of wealth health and happiness expected salary range for this position depending on education and years of experience is $150000 - $215000.

Wealth Benefits:

• Above Market Hourly Pay
• 11% RothorTraditional 401kwith Immediate Vesting and Deposit
• Spot Bonusesfor Assisting with Business Development and Company Growth
• Professional Development Bonusesfor Certificates and Degrees

Health Benefits:

• Company subsidizedMedicalCoverage
• 100%Company PaidVisionandDentalCoverage
• 100%Company PaidLong Term DisabilityShort Term Disability andGroup Life Insurance
• MonthlyWellness Reimbursement

Happiness Benefits:

• Paid Time OffwithFlexible WorkSchedules andBirthday Off
• Amazon Prime MembershipandMonthlyInternetReimbursement
• TechnologyandProductivity Allowancefor Equipment and Supplies
• Morale BuildingandCompany Eventsto Celebrate our Successes and Build our Community
• Onboarding and AnnualSwag
• Company Paid Professional DevelopmentandTraining

At Erias Ventures we are dedicated to fostering a diverse and inclusive workplace. As an equal opportunity employer we ensure that all qualified applicants are considered for employment based on merit without discrimination. We welcome individuals regardless of race color religion gender gender identity or expression sexual orientation national origin genetics disability age or veteran status.

Referrals &Inquiries
Do you know a cleared professional seeking to advance their career Interested in earning some extra cash If so refer them to us with their name and contact details and you could be eligible for a referral bonus of up to$10000for each successful hire.

Not seeing the right position right now Reach out to us and well notify you as new contracts and opportunities become available!

Please send referrals and inquiries to:


To learn more about our company visit ourwebpageorLinkedIn.