Cloud Computing Specialist; CCS SME

Primary Duties and Responsibilities

• Google Cloud Platform (GCP) Service Management
• The CCS shall maintain current certification as a Certified Cloud Security Professional. Possesses the ability to work independently with substantial cloud computing security knowledge.
• The assessor must have the essential skillsets to identify, manage and resolve cloud computing security risk and implement “best practices” as applied within a cloud environment (across all of the different deployment and service models, and derivatives).

• Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems.
• Defines security objectives and system-level performance requirements.
• Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities.
• Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses.
• Maintains the computer and information security incident, damage and threat assessment programs.
• Responsible for the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
• Involved in the periodic conduct of a review of each system’s audits and monitors corrective actions until all actions are closed.
• Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected.
• Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
• Reviews processes and security protocols and makes recommendations for increased cyber security protection.

• Bachelor’s Degree in Computer Science or a related field.
• The CCS must be well versed in FedRAMP assessment methodology of security and privacy controls deployed in cloud information systems to include six (6) domain areas. The six domains include:
• Architectural Concepts & Design Requirements
• Cloud Data Security
• Cloud Platform & Infrastructure Security
• Cloud Application Security
• Operations
• Legal & Compliance
• Five (5) years of relevant C&A experience;
  Risk Management Framework (RMF) and NIST C&A experience
• DOD IA experience
• Experience in assessing IA Controls and conducting C&A reviews for large, complex Information systems

• Active Secret level clearance
• Sensitivity Level: IT-I Critical Sensitive

• Computing Environment: IAT II or IAT III (Security+ or similar)
• 01-M Baseline Certification:
  One of the following Azure or AWS cloud-based certification per DLA Approved CE list
• AWS Certified Security – Specialty
• AWS Certified Solutions Architect – Associate AWS Certified Solutions Architect – Professional Microsoft Certified:
  Azure Administrator Associate
• Microsoft Certified:
  Azure Solutions Architect Expert Microsoft Certified Azure Security Engineer Associate

• Must be able to communicate effectively and clearly present technical approaches and findings.
• Exercises a limited degree of latitude in determining technical objectives of assignments.
• Excellent attention to detail.
• Must be able to balance multiple tasks simultaneously.
• Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

It is the policy of ASM that an individual's race, color, religion, sex,…