FedRAMP Consultant – Remote

at MindPoint Group
Published November 24, 2022
Location Washington, DC
Category Default  
Job Type Full-time  


FedRAMP Consultant - Remote

Department: GRC
Location:

Text code FRC to 202-915-6712 to apply!

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few). Beyond just excellent pay and benefits, you'll want to work here for reasons that can't be written into an offer letter - the challenge, growth opportunities, and most important: the culture of a company that cares about you.

A position at MPG promises you
+ A diverse organization
+ A safe workplace with zero tolerance for discrimination or harassment of any kind
+ A balanced work life. Seriously.
+ A stable, established, and growing business
+ A leadership team focused on your professional growth and development

Job Description

MindPoint Group is seeking a forward-thinking and self-motivated FedRAMP Consultant. This exciting role requires an appetite for learning, superior attention to detail, the ability to meet tight deadlines, great organizational skills, and the ability to work in a highly collaborative work environment. You will possess the ability to complete complex tasks and projects quickly with little to no guidance, react with appropriate urgency to situations that require a quick turnaround, and provide the appropriate attention and support to overcome technical obstacles. As a FedRAMP Consultant, you'll be part of our team of FedRAMP personnel assessing XaaS cloud offerings against the NIST SP 800-53 framework, and helping our advisory clients successfully architect, document, prepare for, and succeed in their ATO assessments for the FedRAMP program.

What you get to do every day:
+ Assess and document technical and operational security controls for these cloud service providers, and be exposed to numerous technologies and system architectures through your work
+ Report to the Senior FedRAMP Consultant on these assessments and consulting engagements to support the client through the FedRAMP ATO process
+ During the FedRAMP assessments, you'll be responsible for interviewing client subject matter experts and control/system owners in order to gauge their understanding and implementation of security controls, and for testing the application and successful implementation of those controls for the set of controls assigned to you
+ Our consulting engagements require significant interaction with client SMEs to understand their system architecture and controls at a level where you will be able to write detailed policies and procedures for those controls and assist the client with the completion of their SSP documents.
+ In all of our work, the ability to build rapport with the client, identify security control practices that are missing or inadequate, and provide best-in-class written deliverables is critical not only to the client's success but our team's success as well.

This is not your typical GRC role - FedRAMP has high standards for its stakeholders, and MindPoint Group ensures its assessments and consulting engagements exceed those standards.

Qualifications

*US Citizenship is required*

What skills do you need?
+ Bachelor's degree in computer science, computer engineering, cybersecurity, or a closely related discipline
+ 2+ years of applicable experience
+ Strong, demonstrable technical writing ability and client interview skillset
+ Ability to meet or beat deliverable deadlines without micromanagement
+ Must be eligible for Secret Clearance
+ Due to changed FedRAMP requirements (June 2021), you must possess one of the following certifications:
  + CompTIA Advanced Security Practitioner (CASP+) Continuing Education (CE)
  + GIAC Certified Enterprise Defender (GCED)
  + GIAC Certified Incident Handler (GCIH)
  + GIAC Security Leadership (GSLC)
  + Certified Information Systems Auditor (CISA)
  + Certified Information Security Manager (CISM)
  + Certified Cloud Security Professional (CCSP)
  + CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP)
  + CISSP-Information Systems Security Engineering Professional (CISSP-ISSEP)
  + CISSP-Information Systems Security Management Professional (CISSP-ISSMP)
  + CyberSec First Responder (CFR)
  + Certified Chief Information Security Officer (CCISO)

What is ideal?
+ Audit/assessment experience using risk-based frameworks
+ Direct work assessing and/or implementing technical controls from NIST SP 800-53 r4 or r5
+ Active certification with major cloud services (AWS / Azure / GCP)
+ An eagerness to research unfamiliar technologies and security controls
+ Certificate of successful completion with Baltimore Cyber Range
+ Experience assessing or operating under the NIST RMF
+ Experience assessing FedRAMP services
+ Experience assessing or implementing NIST SP 800-171 controls
+ Experience with enterprise vulnerability scanning and remediation
+ Experience architecting system solutions in on-prem and cloud-based environments
+ Knowledge of other IT-related risk management frameworks such as HIPAA, PCI, CIS, and AICPA SOC
+ Solid understanding of virtualization, containerization, and hyperscale systems
+ Solid understanding of PKI and cryptography
+ System administration or network engineering background
+ Web application development and testing

Remote Work / Travel Requirements:
+ This is a majority remote position with minimal (10-15%) domestic travel to client sites for FedRAMP assessments anticipated after COVID. Consulting engagements do not require travel.

Additional Information
+ All offers are contingent upon proof of full vaccination against COVID-19 or successful accommodation for an exemption.
+ All your information will be kept confidential according to EEO guidelines.
+ Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $105-115k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
+ Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, maternity/paternity leave, mobile phone stipend, pre-tax commuter benefits, the opportunity to participate in our mentorship program, and more!
+ MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

Text code FRC to 202-915-6712 to apply!
