Excentium Inc. is a veteran-owned small business that provides Cyber Security Engineering, Information Assurance (IA), Program Management, 3^rd Party Independent Assessment (3PAO) Services and other Information Technology (IT) services to Government and commercial organizations.

We have an opportunity for a Sr. Information Assurance Specialist- FedRAMP to support the Professional Services Group-Commercial (PSG-C).

MINIMUM CLEARANCE LEVEL: Background Check
CITIZENSHIP: US Citizenship
LOCATION: Nationwide- Telework

TRAVEL: Moderate travel (up to 50%) required.

Position Description:
The Information Assurance Specialist (IAS) assesses information system security controls and develops the security documentation and artifacts required by various regulatory and compliance standards. The IAS works with organizational leadership to document policies, procedures and implementation of various artifacts such disaster recovery, continuity of operations, personnel security, education awareness and training, physical security and others as necessary. The IAS may be responsible for the compilation, management, and maintenance of the FISMA Security Package. Specifically, the IAS:

• Performs risk assessments, defines security controls, document controls, and validate controls.
• Supports the CSPM in the development and maintenance of program policies, processes, and procedures.
• Works with client resources to develop and maintain the System Security Package
• Performs other independent assessment / advisory and consulting duties as assigned by the Excentium leadership.

Responsibilities:

Subject Matter Expertise

• Expert knowledge of the FISMA/FedRAMP/DoD Risk Management Framework (RMF).
• Expert knowledge of the National Institute of Standards and Technology (NIST) Special Publications (SP) 800-53 technical control families and how those controls impact various enterprise environments
• Effectively performs security control assessments (SCAs).
• Proficient with documenting security controls within a system security plan (SSP) and SSP artifacts.
• Develops security program policies, processes, and procedures.

Skills:

Required Skills:

• Qualifiable experience conducting FedRAMP independent assessments.
• Strong written, verbal, analytical, problem solving skills.
• Ability to successfully interact with individuals at all levels of the business.
• Knowledge of facility management considerations, including power, HVAC, and fire suppression.
• Understands hardware/software security implementation in a variety of enterprise environments.
• Strong written, verbal, analytical, problem solving skills.
• Strong organization skills to balance and prioritize workload.

Desired Skills:

• Knowledge of key OMB policies and NIST guidance on PKI, single sign-on (federated) authentication, intrusion detection and prevention, authentication mechanisms, and network security techniques.
• Knowledge of FIPS140-2, Security Requirements for Cryptographic Modules.
• Knowledge of defense-in-depth and other information security and assurance principles and associated supporting technologies.

Qualifications:

• Bachelor of Science in Computer Science or five (5) years, within the last 7 years, commensurate experience in information security auditing using the NIST framework.   
• At least one of the following certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Auditor (CISA)
  • Certified Authorization Professional (CAP)
  • Certified Cloud Security Professional (CCSP)
  • Certificate of Cloud Security Knowledge (CCSK)

Excentium offers a competitive salary and comprehensive benefits package, including medical, dental, life, disability, 401k, and paid time off.

Interested candidates should apply at the following web site: http://www.applicantstack.com/client/Excentium/x/openings for immediate consideration.

Excentium, Inc. is an equal opportunity employer.