StateRAMP PMO Information Security Analyst (Remote)

Company: Knowledge Services
Location: Denver
Posted on: June 26, 2022

Job Description:

Knowledge Services, a Fishers, IN based consulting and technology company, is currently hiring multiple, Remote StateRAMP PMO Information Security Analysts.
This role is responsible for evaluating and monitoring Cloud Service Provider's (CSP) security packages throughout the StateRAMP authorization process and continuous monitoring phases for security issues. This role ensures proper implementation of security technologies across CSP solutions, and document and/or communicate gaps or concerns found to 3PAO and state personnel. They will complete monthly Continuous Monitoring (ConMon) reviews and facilitate reporting of executive summary and POA&M (Plan of Action & Milestones) status to the PMO (Program Management Office) Information Security Manager and Senior Information Security Analyst. This role additionally augments and assists Service Providers with guidance, documentation review and analysis of security packages pre-audit, and provides best practices and advisory guidance to providers working to become StateRAMP Ready and Authorized. The Information Security Analyst will work in our Information Security Team, reporting to the StateRAMP PMO Information Security Manager.
This role is fully remote (or in-office for local candidate who desire in-office work).
Knowledge Services is the Project Management Office (PMO) for StateRAMP.org. StateRAMP represents the shared interests of state and local governments, third party assessment organizations (3PAOs), and service providers with IaaS, SaaS, and PaaS solutions. Learn more at www.StateRAMP.org
Responsibilities

• Monitor security review packages for issues and recommend improvements as required.
• Resolve identified POA&M issues by coordinating with State personnel and CSPs to maintain compliance with control requirements.
• Work with CSPs and 3PAOs to identify security gaps in cloud environments, develop remediation strategies with State personnel.
• Coordinate the investigation of security breaches and other cyber security incidents across the CSP, State, 3PAO and other relevant entities.
• Research security enhancements and make recommendations to management.
• Stay current on security trends, news, and best practices.
• Research and recommend security technologies and processes to CSPs.
• Help advise on configuration of security software and understand information security management.
• Assist with continuously improving security baselines, control sets, documentation, and reporting templates.
  Qualifications
  • Bachelor's degree in computer science, information technology, information assurance, cybersecurity or related field.
  • In lieu of degree, consideration will be given to an equivalent combination of related education and work experience.
  • 3-5 years of prior experience in information security, information security auditing, and/or information security compliance.
  • Detailed knowledge of security and privacy standards and best practices including knowledge of NIST special publication 800 series (800-53 rev. 4, 800-137, 800-145).
  • US Citizenship
  • One or more of the following security certifications (or other relevant security certifications): CompTIA Security+, Certified Ethical Hacker, Associate of ISC2, SSCP, CCSP, GCLD, GCIH
  • Willing to obtain the following certifications within three months of hire: AWS Certified Cloud Practitioner and/or Microsoft Azure Fundamentals
    Preferred Qualifications:
    • Experience with one or more of the compliance areas: SOC 2, IRS 1075, MARS-E 2.0, FERPA, ISO 27001.
    • Experience with FedRAMP.
    • Understanding of major CSPs (AWS, Azure, Google).
    • Experience in any of the of the following areas: Incident detection, firewall configuration/management, technical writing, vulnerability scanning, system administration, network monitoring, endpoint security, vulnerability remediation, event analysis/investigation
      
      Knowledge Services strives to offer an environment that provides our employees with the right balance between work and family.
      Perks and Benefits include:
      • Fully remote
      • Brand new HQ office full of amenities (gym, req room, coffee bars, bike room)
      • Personal, modern work stations with standing desks and top of the line technology
      • Mindful environment with touchless door entry and hospital grade air filtration system
      • Comprehensive health insurance including dental and vision coverage
      • Company funded life insurance
      • Very generous company provided 401k match program (Roth and Traditional options)
      • Established Wellness Program with quarterly monetary participation awards
      • Competitive PTO schedule
      • Extra PTO day during your birthday month and work anniversary month
      • Maternity/Paternity Benefits
        Knowledge Services is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Knowledge Services does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws. People with disabilities, veterans, and military families are encouraged to apply.

Keywords: Knowledge Services, Denver , StateRAMP PMO Information Security Analyst (Remote), Professions , Denver, Colorado