You will manage enterprise-level security compliance, data protection, and incident response protocols.
Responsibilities
- Establish and monitor security solutions for FedRAMP, SOC 2, and NIST compliance.
- Design and implement security controls across cloud, network, and information security domains.
- Conduct vulnerability assessments, penetration testing, and regular security audits.
- Manage incident response protocols, including threat intelligence reporting and breach notification adherence.
- Prepare annual SOC 2 Type 2 attestation letters and documentation for contract solicitations.
Required Skills
- 5+ years of experience in security compliance and engineering.
- Extensive knowledge of FedRAMP, SOC 2, and NIST frameworks.
- CISSP, CISM, or CCSP certification.
- Experience with SDLC processes.
- Proficiency in vulnerability analysis and threat intelligence assessment.
- Ability to implement audit logging and continuous security monitoring.
- Experience managing data segmentation and boundary protection.
- Ability to configure systems for malware protection using antivirus, forensic controls, APT, and IDS/IPS measures.
Preferred Skills
- Capability to communicate technical security risks to non-technical stakeholders.
- Ability to develop business continuity and data recovery plans to ensure organizational resilience.