CyberSecurity Risk Management Specialist (Top Secret Clearance Required)
- Full-time
Company Description
Founded in 2003, Intevity (previously Twin Technologies) is a full-service boutique digital consultancy that develops solutions and technology to drive growth, transform businesses, and make a real impact on people’s lives.
Based in Boston, MA with remote offices and employees throughout the eastern and central US (Baltimore, Chicago, D.C., New York). Intevity focuses on both Commercial and Public Sector clients, with deep expertise in retail, software, and government. Intevity has key vendor partnerships with Adobe, AWS, and Salesforce.
We work on all phases of projects, from early discovery and design to strategy to execution. We are known for our vulnerability-based culture, high levels of craftsmanship, innovation, and trust; being able to truly connect with the needs and spot the real reasons why an organization is being held back from achieving their goals.
Job Description
As our CyberSecurity Risk Management Specialist, you will consistently challenge team members to proactively and collectively architect secure SaaS, IaaS, and PaaS solutions within multiple Cloud Service Provider's (CSP). Candidates should have effective task management skills and the ability to communicate effectively. They will be required to prepare, categorize, implement, assess, and monitor systems within accordance to NIST SP 800-53 and DISA CC SRG standards.
Major Duties & Responsibilities
Proficient understanding in data entry processes for eMASS and the utilization of STIG viewer and other tool sets
Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide product owners through key processes for submitting IATT, ATO-C, and ATO packages
Support the evaluation of security controls against SaaS, IaaS, and PaaS offerings provided through AWS, Azure, GCP, and Oracle Cloud
Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process
Conduct and lead Cyber Security assessments for ATO package creation leveraging NIST 800-53 Rev 4/5 and FEDRAMP controls with the system owners
Understands and leverages modern Cyber Security concepts and best practices such as DoD CC SRG, DoD SCCA, and Zero Trust architecture
Working experience within the Department of Defense is required
Qualifications
- Currently holds Active TS clearance
- Must meet and maintain DoD 8570 Certification of IAT or IAM level 2 (e.g. Security+ CE, CISM, CISSP or associate, CASP+)
- 90% Remote (with a home office in the Arlington, VA area)
Experience within Azure, AWS, GCP, and Oracle Commercial and Gov Clouds
Subject matter expertise in conducting security risk assessments for Cloud, Hybrid Cloud, and On-prem systems
Experienced with vulnerability scanning/monitoring tools and technologies such as ACAS, Tenable, Wireshark, NMAP, SCAP
Familiar with Cloud based security monitoring tools such as Prisma Cloud Compute, Windows Defender, AWS CloudWatch, Sentinel, etc
Profound ability to collaborate and effectively communicate with engineers, project leads, and external stakeholders
Strong MS Office skills along with strong verbal and written communication skills
Desired Qualifications:
Prior experience working with software development teams is an added benefit
Understanding basic core fundamentals of DevOps and/or DevSecOps is a plus
Additional Information
Intevity offers a competitive and comprehensive employee compensation and benefits package that includes base salary ($125,000 - $140,000), medical, dental, and vision insurance, long and short-term disability insurance, life insurance, 401k program with company match, and an open PTO plan.
Intevity is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, or protected veteran status.