Seeking a Cloud Security Analyst to support the PBGC customer in Washington, D.C. This position is a member of a team that supports the Pension Benefit Guaranty Corporation (PBGC), an independent agency of the United States government.
The successful candidate will support design and implementation of a cloud service suite that offers both Infrastructure and Platform as a Service (IaaS/PaaS) as well as integration with associated Software as a Service (SaaS) tools and offerings.
The candidate will provide subject matter expertise in security principles and cloud security best practices to technical and acquisition project teams and assess potential security risk that might result from inadequate design decisions or incomplete integration of cloud-based tools.
Specific responsibilities include:
• Integrating cloud security tools and capabilities with on-premise security monitoring tools
• Implementing customer responsibilities for security controls provided in whole or in part by the Cloud Service Provider
• Determining and documenting actual implementation of customer-provided security controls and enhancements
• Interpreting security principles and requirements for technical teams as relate to cloud services
• Reviewing secure configuration baselines for compliance with best practices and agency policy
• Tailoring NIST SP 800-53 security controls to the cloud environment
• Developing security recommendations following NIST and Cloud Security Alliance guidance and security best practices
• Reviewing and interpreting continuous monitoring reports provided by Cloud Service Providers as part of FedRAMP required deliverables
Required Education & Experience:
• Bachelor's degree in Information Technology or equivalent
• Minimum of four years’ experience as a Security Analyst or Engineer or equivalent role, at least two years of which must be in a cloud environment
• Active CompTIA Security+ or (ISC)2 CISSP certification
• Active CCSP or CCSK cloud security certification
• Demonstrated experience with information security engineering practices and experience with implementation of NIST security controls
• Strong communication and writing skills
• Fluent in all Microsoft Office products (Word, PowerPoint, Excel, Project, Visio)
•All candidates for consideration must be eligible to obtain a US Public Trust Clearance