Erias Ventures
Enterprise - Information System Security Officer - RMF, AWS, Kubernetes
Erias Ventures, Fairfax, Virginia, United States, 22032
Erias Ventures was founded to serve its customers with an entrepreneurial mindset. We value
creative problem-solving ,
open communication , and
empowering our employees
to make decisions and put forth new ideas.
Our staff includes technical experts working across multiple disciplines, bringing diverse perspectives to every project. We are seeking engineers who wish to grow their careers and want to become part of a
technically strong
and
growth-oriented
company focused on bringing
innovative solutions
to the difficult mission problems facing our customers.
Description We are is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the Cybersecurity and Infrastructure Security Agency's (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats. We are responsible for designing, building, deploying, operating, and maintaining a complete 'Data Services' solution which includes the collection, normalization, visualization, and sharing of cyber data from more than 100 Federal agencies. The CDM Data Services product is an integrated suite of multiple Commercial Off the Shelf (COTS) products, software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet Department of Homeland Security (DHS) requirements.
We are seeking professionals who thrive in a dynamic, fast-paced, and highly collaborative environment where problem-solving, critical thinking, and a holistic approach to serving the mission are key. Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning, improvement, and cyber security is a must!
We are is seeking a talented, diligent, and energetic Security Analyst. The ideal candidate will be able to assess security risks, analyze security data, and develop and implement security strategies to protect the program's technology infrastructure and data. They will implement and support all functions related to attaining and maintaining an authority to operate to include documentation, analysis, policy compliance, and the regular execution of system security activities. They will have a deep understanding of network protocols, operating systems, and cybersecurity best practices to guard against all potential cyber threats. The ideal candidate will be able to align to the following duties: Apply experience of RMF Steps 1 through 4; significant experience producing Information Security documents (System Security Plan, Privacy Assessments - PIA, PTA, Risk Assessment, Incident Response, Disaster Recovery, Interconnection Systems Agreements, BIA, ISA, etc) Assist with production-systems data management, analyzing performance, identifying problems, and developing recommendations that support cybersecurity initiatives Collaborate with cross functional teams to collect, analyze, and present recommendations regarding security posture, risks, and mitigations in addition to brief technical vulnerabilities and system non-compliance based on Information Security policy Develop, revise, and capture system-specific workflows and processes that align with compliance and program governance based on relevant guidelines and regulation Evaluate system functions for writing security control language for the satisfaction of an authority to operate Document security best practices and standard operating procedures, and collaborate with other teams to support cross cutting processes Assess the impact of system vulnerabilities identified manually or by security scans, and provide courses of action recommendations and remediation support Maintain system security awareness through regular monitoring and alerting Maintain accuracy of all security documents necessary for compliance throughout the system's lifetime Document and track POA&Ms from creation to completion Create and maintain dashboards to inform cyber risk posture Clearance US citizenship with ability to obtain Public Trust Suitability
Experience Required skills:
Bachelor's degree or 5 years of relevant experience 3+ years operating in the Federal cyber security domain spanning governance and risk management, business continuity and disaster recovery, encryption, software development security, access control, network security / secure architecture, and security operations 3+ years experience reviewing and/or configuring AWS Organizations, CloudFormation, and/or Terraform Infrastructure as Code 3+ years of infrastructure and network security experience 3+ years implementing NIST RMF and writing security control responses across all control families 3+ years delivering Federal cybersecurity reporting and compliance requirements 3+ years evaluating system security posture from the application level to underlying infrastructure 1+ year supporting systems deployed in cloud hosting environments 1+ year experience communicating security concepts, governing policy, and compliance with both technical and non-technical personnel in oral and written mediums Desired skills:
Ability to administer and/or configure Kubernetes Ability to execute agent and agentless security scans (i.e., Splunk, Nessus, Burpsuite) Ability to evaluate code, logic, and data flows within COTS and custom applications Familiarity with DHS, CISA, and the Continuous Diagnostics and Mitigation (CDM) program Familiarity with AWS' well architected framework Familiarity with Cloud-based security requirements and implementation of best practices Familiarity with code repositories, particularly Git/GitHub Relevant cybersecurity certifications including CISSP, CISM, Security+, etc. Benefits Erias Ventures provides a complete package of wealth, health, and happiness benefits. The expected salary range for this position, depending on education and years of experience is $150,000 - $215,000.
Wealth Benefits:
Above Market Hourly Pay 11% Roth
or
Traditional 401k
with Immediate Vesting and Deposit Spot Bonuses
for Assisting with Business Development and Company Growth Professional Development Bonuses
for Certificates and Degrees Health Benefits:
Company subsidized
Medical
Coverage 100%
Company Paid
Vision
and
Dental
Coverage 100%
Company Paid
Long Term Disability ,
Short Term Disability , and
Group Life Insurance Monthly
Wellness Reimbursement Happiness Benefits:
Paid Time Off
with
Flexible Work
Schedules and
Birthday Off Amazon Prime Membership
andMonthly
Internet
Reimbursement Technology
and
Productivity Allowance
for Equipment and Supplies Morale Building
and
Company Events
to Celebrate our Successes and Build our Community Onboarding and Annual
Swag Company Paid Professional Development
and
Training At Erias Ventures, we are dedicated to fostering a diverse and inclusive workplace. As an equal opportunity employer, we ensure that all qualified applicants are considered for employment based on merit, without discrimination. We welcome individuals regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Referrals & Inquiries Do you know a cleared professional seeking to advance their career? Interested in earning some extra cash? If so, refer them to us with their name and contact details, and you could be eligible for a referral bonus of up to
$10,000
for each successful hire.
Not seeing the right position right now? Reach out to us, and we'll notify you as new contracts and opportunities become available!
Please send referrals and inquiries to: jobs@eriasventures.com
To learn more about our company visit our webpage or LinkedIn .
creative problem-solving ,
open communication , and
empowering our employees
to make decisions and put forth new ideas.
Our staff includes technical experts working across multiple disciplines, bringing diverse perspectives to every project. We are seeking engineers who wish to grow their careers and want to become part of a
technically strong
and
growth-oriented
company focused on bringing
innovative solutions
to the difficult mission problems facing our customers.
Description We are is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the Cybersecurity and Infrastructure Security Agency's (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats. We are responsible for designing, building, deploying, operating, and maintaining a complete 'Data Services' solution which includes the collection, normalization, visualization, and sharing of cyber data from more than 100 Federal agencies. The CDM Data Services product is an integrated suite of multiple Commercial Off the Shelf (COTS) products, software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet Department of Homeland Security (DHS) requirements.
We are seeking professionals who thrive in a dynamic, fast-paced, and highly collaborative environment where problem-solving, critical thinking, and a holistic approach to serving the mission are key. Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning, improvement, and cyber security is a must!
We are is seeking a talented, diligent, and energetic Security Analyst. The ideal candidate will be able to assess security risks, analyze security data, and develop and implement security strategies to protect the program's technology infrastructure and data. They will implement and support all functions related to attaining and maintaining an authority to operate to include documentation, analysis, policy compliance, and the regular execution of system security activities. They will have a deep understanding of network protocols, operating systems, and cybersecurity best practices to guard against all potential cyber threats. The ideal candidate will be able to align to the following duties: Apply experience of RMF Steps 1 through 4; significant experience producing Information Security documents (System Security Plan, Privacy Assessments - PIA, PTA, Risk Assessment, Incident Response, Disaster Recovery, Interconnection Systems Agreements, BIA, ISA, etc) Assist with production-systems data management, analyzing performance, identifying problems, and developing recommendations that support cybersecurity initiatives Collaborate with cross functional teams to collect, analyze, and present recommendations regarding security posture, risks, and mitigations in addition to brief technical vulnerabilities and system non-compliance based on Information Security policy Develop, revise, and capture system-specific workflows and processes that align with compliance and program governance based on relevant guidelines and regulation Evaluate system functions for writing security control language for the satisfaction of an authority to operate Document security best practices and standard operating procedures, and collaborate with other teams to support cross cutting processes Assess the impact of system vulnerabilities identified manually or by security scans, and provide courses of action recommendations and remediation support Maintain system security awareness through regular monitoring and alerting Maintain accuracy of all security documents necessary for compliance throughout the system's lifetime Document and track POA&Ms from creation to completion Create and maintain dashboards to inform cyber risk posture Clearance US citizenship with ability to obtain Public Trust Suitability
Experience Required skills:
Bachelor's degree or 5 years of relevant experience 3+ years operating in the Federal cyber security domain spanning governance and risk management, business continuity and disaster recovery, encryption, software development security, access control, network security / secure architecture, and security operations 3+ years experience reviewing and/or configuring AWS Organizations, CloudFormation, and/or Terraform Infrastructure as Code 3+ years of infrastructure and network security experience 3+ years implementing NIST RMF and writing security control responses across all control families 3+ years delivering Federal cybersecurity reporting and compliance requirements 3+ years evaluating system security posture from the application level to underlying infrastructure 1+ year supporting systems deployed in cloud hosting environments 1+ year experience communicating security concepts, governing policy, and compliance with both technical and non-technical personnel in oral and written mediums Desired skills:
Ability to administer and/or configure Kubernetes Ability to execute agent and agentless security scans (i.e., Splunk, Nessus, Burpsuite) Ability to evaluate code, logic, and data flows within COTS and custom applications Familiarity with DHS, CISA, and the Continuous Diagnostics and Mitigation (CDM) program Familiarity with AWS' well architected framework Familiarity with Cloud-based security requirements and implementation of best practices Familiarity with code repositories, particularly Git/GitHub Relevant cybersecurity certifications including CISSP, CISM, Security+, etc. Benefits Erias Ventures provides a complete package of wealth, health, and happiness benefits. The expected salary range for this position, depending on education and years of experience is $150,000 - $215,000.
Wealth Benefits:
Above Market Hourly Pay 11% Roth
or
Traditional 401k
with Immediate Vesting and Deposit Spot Bonuses
for Assisting with Business Development and Company Growth Professional Development Bonuses
for Certificates and Degrees Health Benefits:
Company subsidized
Medical
Coverage 100%
Company Paid
Vision
and
Dental
Coverage 100%
Company Paid
Long Term Disability ,
Short Term Disability , and
Group Life Insurance Monthly
Wellness Reimbursement Happiness Benefits:
Paid Time Off
with
Flexible Work
Schedules and
Birthday Off Amazon Prime Membership
andMonthly
Internet
Reimbursement Technology
and
Productivity Allowance
for Equipment and Supplies Morale Building
and
Company Events
to Celebrate our Successes and Build our Community Onboarding and Annual
Swag Company Paid Professional Development
and
Training At Erias Ventures, we are dedicated to fostering a diverse and inclusive workplace. As an equal opportunity employer, we ensure that all qualified applicants are considered for employment based on merit, without discrimination. We welcome individuals regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Referrals & Inquiries Do you know a cleared professional seeking to advance their career? Interested in earning some extra cash? If so, refer them to us with their name and contact details, and you could be eligible for a referral bonus of up to
$10,000
for each successful hire.
Not seeing the right position right now? Reach out to us, and we'll notify you as new contracts and opportunities become available!
Please send referrals and inquiries to: jobs@eriasventures.com
To learn more about our company visit our webpage or LinkedIn .