FedRAMP Security Administrator || (Hybrid) || CITIZEN || FedRAMP Compliance Documentation at Davie, Florida, USA |
From: Taukir Ali, Vyze inc [email protected]
Reply to: [email protected]

Job Description - FedRAMP Security Administrator

Duration: 6+ months
Location: Davie, FL Hybrid or REMOTE is also fine
Start: ASAP

Summary: Seeking a FedRAMP Security Administrator to plan, coordinate, and implement security controls for cloud-based information systems to ensure compliance with FedRAMP standards. This includes safeguarding sensitive data by regulating access, preventing unauthorized modification, destruction, or disclosure, and maintaining comprehensive documentation. The administrator collaborates with architects, system administrators, and security professionals to evaluate and implement security measures, continuously monitor compliance, and ensure the system meets all relevant federal security guidelines.

Job Responsibilities:

FedRAMP Compliance Documentation: Collaborate with subject matter experts, system administrators, and security professionals to gather necessary information for FedRAMP documentation. Prepare and maintain FedRAMP System Security Plans (SSPs), Standard Operating Procedures (SOPs), and Security Assessment Plans (SAPs).

Control Group Analysis and Monitoring: Analyze FedRAMP security controls to evaluate their effectiveness, ensuring compliance with FedRAMP guidelines. Establish monitoring and reporting requirements for each control group, ensuring ongoing compliance.

Technical Collaboration: Work closely with internal teams, including system architects, to understand technical concepts and translate them into clear, user-friendly language that meets FedRAMP requirements.

Documentation Review and Updates: Review, update, and maintain existing documentation to reflect changes in security controls or operational procedures, ensuring alignment with FedRAMP and organizational policies.

Gap Analysis and Risk Assessment: Participate in comprehensive gap analysis to identify areas where the system does not meet FedRAMP requirements. Propose and implement remediation strategies to address compliance gaps.

Compliance Roadmap Development: Assist in developing and driving a roadmap to achieve FedRAMP compliance, outlining necessary steps and ensuring milestones are met.

Quality Assurance and Accuracy: Conduct quality assurance checks on documentation to ensure accuracy, consistency, and compliance with FedRAMP standards. Ensure documentation is clear, concise, and comprehensive.

Continuous Learning and Best Practices: Stay updated on industry trends, best practices, and any changes to FedRAMP guidelines. Regularly participate in meetings, training sessions, and other activities to promote knowledge sharing and keep teams informed.

Auditing and Reporting: Lead internal audits to assess FedRAMP compliance, preparing the system and team for external audits as part of the certification process. Support and drive compliance reviews through the Authorizing Official (AO).

Stakeholder Collaboration: Collaborate with stakeholders to ensure that all FedRAMP documentation aligns with organizational policies and procedures. Ensure documentation is accurate, up-to-date, and addresses the specific needs of the organization.

Training and Knowledge Transfer: Educate internal teams about FedRAMP requirements, control groups, and monitoring protocols. Provide guidance on operational and technical changes necessary to maintain compliance.

Qualifications:

Education and Experience: Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent experience. 5-7 years of experience working on FedRAMP projects, preferably in a government or regulated environment.

FedRAMP and Security Knowledge: Strong knowledge of the Federal Risk and Authorization Management Program (FedRAMP) and its documentation requirements. Familiarity with security controls, risk management frameworks (e.g., NIST SP 800-53), and information security best practices.

FIPS 140-2 and STIGs: Preferred knowledge of Federal Information Processing Standard (FIPS) 140-2 and Security Technical Implementation Guides (STIGs) for managing security configurations and ensuring that encryption and security measures meet federal requirements.

Technical Proficiency: Familiarity with cloud computing environments (preferably Microsoft Azure), software-as-a-service (SaaS), and infrastructure-as-a-service (IaaS) concepts. Experience working with system architecture teams to meet security control requirements.

Compliance Expertise: Proven experience conducting gap analyses, preparing for audits, and working with Authorizing Officials (AOs) to achieve compliance. Familiarity with version control systems and document management tools is a plus.

Analytical and Communication Skills: Strong analytical and problem-solving skills, with the ability to gather, synthesize, and document information from diverse technical sources. Excellent written and verbal communication skills, with exceptional attention to detail.

Independence and Time Management: Ability to work independently, prioritize tasks, and meet deadlines in a fast-paced, dynamic environment. Strong proficiency in documentation tools such as Microsoft Word, Excel, SharePoint, and version control systems.

Certifications (Preferred): Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Cloud Security Professional (CCSP) are a plus.

Keywords: Florida FedRAMP Security Administrator || (Hybrid) || CITIZEN || FedRAMP Compliance Documentation [email protected] |
Wed Sep 25 02:41:00 UTC 2024 |