Security SME

From zero trust architecture and cloud delivery to security automation and beyond, Easy Dynamics delivers cutting-edge innovation and steady guidance in an ever-changing IT landscape and we’re growing. Come join our team! 
We are looking for a Security SME to join our team! The Security SME will be responsible for Security Assessment & Authorization (SA&A), Continuous Diagnostics and Mitigation (CDM), Vulnerability Management, and constantly maintaining a secure cloud footprint. The SME will advise on the adoption, compliance, and adherence to FISMA/FedRAMP controls and Federal security policies to achieve ATOs.
We are a fast-paced organization that values our people and always strives for excellence. Our delivery practices lean heavily on Agile methodology and our technologists are top notch. The Easy Dynamics culture is one of connection and collaboration across teams to ensure that we always put our best foot forward. Being in growth mode means that we are small enough that no idea is too small for discussion, and everyone can be an impact player. Responsibilities:

• Deep Experience and Expertise with cloud security, compliance, and accreditation
• Support architecting state of the art, automated, fault-tolerant, and scalable AWS environments adhering to AWS best practices in standard and GovCloud regions
• Support migrating infrastructure and system/application workloads to AWS Cloud including - Rehosting (Lift and Shift), Repurchasing, Refactoring/Re-architecting, Retiring, and Retaining
• Support institutionalizing DevOps methodology and creation, maintenance, and employment of automated CICD pipelines. Be a trusted advisor for DevOps initiatives by providing objective and relent ideas, insights, and guidance
• Works as or closely with the ISSO to respond to Information Security data calls, inquiries, and surveys. Provide proactive communications to stakeholders regarding status, issues, or questions
• Experience working in IT operations, system administration, applications development, change, and configuration management including, but not limited to asset tracking, backup technologies, and other maintenance procedures
• Participates, conducts, and presents in security meetings, workgroups, or training events

Qualifications:

• Bachelor’s degree in related discipline
• 3 years with specialization in cloud technologies
• Must have at least 12 years of on-the-job experience
• Be able to work remotely but, be able to go on-site as requested and/or occasionally with potentially some form of post-pandemic cadence, on-site in Washington DC
• Understanding of IaaS and PaaS cloud services and experience employing them to design solutions to complex problems
• Knowledge and Experience with Cloud Architecture Design, Networking and Security, DevOps and CICD Pipelines, Migration
• Automation experience including CloudFormation and/or terraform to ensure repeatable, sustainable AWS infrastructure is effectively managed
• Strong analytical, task management, time management, and communication skills necessary for handling SA&A, CDM, and Vulnerability Management initiatives, tasks, and deadlines impacting the customer’s environment
• Ability to achieve ATO from scratch or leverage and build upon existing ATO in adherence to FISMA/FedRAMP controls and Federal security policies
• Ability to collaborate proactively with varied stakeholders for developing SA&A package documentation (Ex: Contingency Plans, System Security Plans, Privacy Impact Assessments, POA&Ms, etc.), reviewing, and revising for accuracy and quality
• Monitoring the remediation of critical, high, and medium findings and vulnerabilities
• Ability to research, analyze, correlate and present vulnerability data from a variety of tools including the analysis of multilevel security risks and problems
• Ability to configure, integrate, and implement 3rd party security solutions
• Effective technical writing skills. Experience writing Plans, SOPs, POA&Ms, policies, guidance, change management request, business cases, security incident reports, risk waivers, remediation action plans, and SA&A-required documentation
• Plan, organize, and execute multiple responsibilities to achieve assessment goals and provide technical leadership to move projects to completion
• Ensure deliverables are completed on time and of high-quality
• Must be able to see opportunities for improvement, take ownership, and closely work with varied team to drive improvement
• Proficient at prioritization, multi-tasking, and proactive in work responsibilities
• Hardworking and self-motivated, with the ability to work in team and individual settings
• Detail-oriented and able to stand behind the quality of the work
• Able to learn quickly on the job in a changing environment
• Can generate proficient documentation using the Microsoft Office suite
• Able to properly understand, interpret and communicate level of effort, define due dates, and meet deadlines
• Must be a US Citizen

Salary Range: $105,000 - $120,000