AGE
TASS (Current Contract) - Cybersecurity Engineer – Sr (Cyber Cloud Assessment)
AGE, Fort George Meade, Maryland, United States
Ft. Meade, MD
Overview
AGE Solutions is seeking a Senior Cyber Cloud Assessment Engineer (Team Lead) to support a DoD cybersecurity risk management and assessment program. The role requires on-site, full-time work at Ft. Meade, MD. Essential Duties and Responsibilities
Conduct cybersecurity assessments and validations of Cloud Service Offerings (CSOs) in support of the DoD Provisional Authorization (PA) process. Evaluate CSP documentation packages per government guidance, including artifacts such as the Cloud Architecture Diagram, System Security Plan (SSP), SSP Addendum, Readiness Assessment Report (RAR), System Architecture, Security Assessment Plan (SAP), Security Assessment Report (SAR), and related POA&Ms. Review and process changes and ConMon artifacts (Change Requests, Extension Requests, Deviation Requests, Whitelist Requests, Corrective Action Plans, templates, process approvals). Prepare and deliver up to 30 Cloud Security Assessment Packages annually, with validated controls, certifier recommendations, and residual risk statements. Participate in technical kickoff meetings and assess CSPs’ readiness posture from preliminary documentation. Analyze CSP submissions (RAR, SAP, SSP, architectural diagrams) and provide detailed feedback. Document the operational impact of authorizations, changes, and vulnerabilities on the CSP environment. Develop Cloud Security Assessment Packages per guidelines (SAR, POA&M, and deviations). Draft Authorization Recommendation Memoranda and DoD Provisional Authorization memoranda detailing CSO compliance, residual risks, services, and usage considerations. Validate CSO controls in eMASS or other government GRC tools and maintain accurate tracking in MSR. Review Customer Responsibility Matrix (CRM) and ensure proper control inheritance in eMASS/GRC systems. Organize and associate documentation with security controls in eMASS; maintain the DoD Cloud Process Guide and related templates/tools. Assist in developing internal requirements and guides for assessors conducting CSP validations; refine assessment procedures to align with DoDI 8510.01 and the DoD Cloud Computing SRG. Contribute to ongoing development and annual updates of the DoD Cloud Assessment Process Guides as requested by the Government. Requirements
Bachelor’s degree (IT-related field preferred) Eight (8) years of cybersecurity or network security experience Active DoD Top Secret clearance with SCI eligibility DoD 8570 IAM/IA Technical (IAT) Level III certification Familiarity with security controls for Azure, AWS, and other cloud platforms Solid understanding of RMF, DoDI 8510.01, and the DoD Cloud Computing SRG Hands-on experience with eMASS or other government-provided GRC tools Familiarity with cloud security documentation (SSPs, SARs, RARs, POA&Ms) Ability to analyze complex cloud architectures and provide accurate risk assessments Strong technical writing and communication skills for security assessment reports and recommendations Must reside within commutable distance of Ft. Meade, MD to work onsite full time Compensation: $120,000 - $130,000 AGE Solutions is an equal opportunity employer. We encourage qualified candidates from all backgrounds to apply and value diversity in our workforce.
#J-18808-Ljbffr
AGE Solutions is seeking a Senior Cyber Cloud Assessment Engineer (Team Lead) to support a DoD cybersecurity risk management and assessment program. The role requires on-site, full-time work at Ft. Meade, MD. Essential Duties and Responsibilities
Conduct cybersecurity assessments and validations of Cloud Service Offerings (CSOs) in support of the DoD Provisional Authorization (PA) process. Evaluate CSP documentation packages per government guidance, including artifacts such as the Cloud Architecture Diagram, System Security Plan (SSP), SSP Addendum, Readiness Assessment Report (RAR), System Architecture, Security Assessment Plan (SAP), Security Assessment Report (SAR), and related POA&Ms. Review and process changes and ConMon artifacts (Change Requests, Extension Requests, Deviation Requests, Whitelist Requests, Corrective Action Plans, templates, process approvals). Prepare and deliver up to 30 Cloud Security Assessment Packages annually, with validated controls, certifier recommendations, and residual risk statements. Participate in technical kickoff meetings and assess CSPs’ readiness posture from preliminary documentation. Analyze CSP submissions (RAR, SAP, SSP, architectural diagrams) and provide detailed feedback. Document the operational impact of authorizations, changes, and vulnerabilities on the CSP environment. Develop Cloud Security Assessment Packages per guidelines (SAR, POA&M, and deviations). Draft Authorization Recommendation Memoranda and DoD Provisional Authorization memoranda detailing CSO compliance, residual risks, services, and usage considerations. Validate CSO controls in eMASS or other government GRC tools and maintain accurate tracking in MSR. Review Customer Responsibility Matrix (CRM) and ensure proper control inheritance in eMASS/GRC systems. Organize and associate documentation with security controls in eMASS; maintain the DoD Cloud Process Guide and related templates/tools. Assist in developing internal requirements and guides for assessors conducting CSP validations; refine assessment procedures to align with DoDI 8510.01 and the DoD Cloud Computing SRG. Contribute to ongoing development and annual updates of the DoD Cloud Assessment Process Guides as requested by the Government. Requirements
Bachelor’s degree (IT-related field preferred) Eight (8) years of cybersecurity or network security experience Active DoD Top Secret clearance with SCI eligibility DoD 8570 IAM/IA Technical (IAT) Level III certification Familiarity with security controls for Azure, AWS, and other cloud platforms Solid understanding of RMF, DoDI 8510.01, and the DoD Cloud Computing SRG Hands-on experience with eMASS or other government-provided GRC tools Familiarity with cloud security documentation (SSPs, SARs, RARs, POA&Ms) Ability to analyze complex cloud architectures and provide accurate risk assessments Strong technical writing and communication skills for security assessment reports and recommendations Must reside within commutable distance of Ft. Meade, MD to work onsite full time Compensation: $120,000 - $130,000 AGE Solutions is an equal opportunity employer. We encourage qualified candidates from all backgrounds to apply and value diversity in our workforce.
#J-18808-Ljbffr