Information FedRAMP Engineer

Job Description Job Description

We are seeking a FedRAMP Engineer to join our team. The role involves the implementation and management of our FedRAMP program, ensuring the ongoing compliance of our organization's systems and infrastructure with FedRAMP requirements. This position is located in Alpharetta, Georgia, and offers a long-term contract employment opportunity.

Responsibilities:

• Develop and maintain a comprehensive continuous monitoring plan based on NIST SP 800-53 guidelines, FedRAMP requirements, and organization-specific needs.

• Establish processes and procedures to collect, analyze, and report security-related information from various sources, such as security controls, vulnerability assessments, and incident response activities.

• Conduct regular risk assessments to identify potential vulnerabilities and threats to cloud-based systems.

• Define key performance indicators (KPIs) and metrics to measure the effectiveness of the continuous monitoring program.

• Monitor and analyze security logs, event data, and system alerts to identify anomalies, security incidents, and non-compliance with established security policies.

• Evaluate vulnerability scans and penetration tests to assess the security posture of cloud-based systems.

• Review and analyze security assessment and authorization (SA&

A) artifacts, including system security plans, risk assessments, and security control implementation documentation.

• Provide support during internal and external audits or assessments by compiling and presenting evidence of compliance with FedRAMP and NIST guidelines.

• Implement and manage continuous monitoring programs for cloud-based systems, demonstrating proficiency in cloud technologies and security controls.

• Work across programming languages and frameworks, demonstrating proficiency in Python and SQL, among others.
• Proven expertise in Microsoft Excel and other Microsoft tools

• Demonstrated ability to follow and develop procedures

• Experience with compliance regulations and procedures

• Familiarity with planning and implementation processes

• Knowledge of database management, particularly SQL

• Understanding of programming languages such as Python

• Familiarity with cloud technologies and related security measures

• Experience with monitoring tools and maintaining logs for tracking purposes

• Ability to conduct audits, both internal and external

• Strong phone presence and communication skills

• Experience in hiring processes and procedures

• Ability to generate metric and KPI reports

• Familiarity with Agile methodology

• Experience with FedRAMP authorizations and security compliance

• Proficiency in documentation, particularly in a technical setting.

• Knowledge of workstation support and related procedures

• Proven ability in planning and managing project timelines and deliverables.

• Familiarity with security measures and protocols.

• Experience in obtaining authorizations for various processes and systems.