Description

You will manage enterprise-level security compliance, data protection, and incident response protocols.

Responsibilities

  • Establish and monitor security solutions for FedRAMP, SOC 2, and NIST compliance.
  • Design and implement security controls across cloud, network, and information security domains.
  • Conduct vulnerability assessments, penetration testing, and regular security audits.
  • Manage incident response protocols, including threat intelligence reporting and breach notification adherence.
  • Prepare annual SOC 2 Type 2 attestation letters and documentation for contract solicitations.

Required Skills

  • 5+ years of experience in security compliance and engineering.
  • Extensive knowledge of FedRAMP, SOC 2, and NIST frameworks.
  • CISSP, CISM, or CCSP certification.
  • Experience with SDLC processes.
  • Proficiency in vulnerability analysis and threat intelligence assessment.
  • Ability to implement audit logging and continuous security monitoring.
  • Experience managing data segmentation and boundary protection.
  • Ability to configure systems for malware protection using antivirus, forensic controls, APT, and IDS/IPS measures.

Preferred Skills

  • Capability to communicate technical security risks to non-technical stakeholders.
  • Ability to develop business continuity and data recovery plans to ensure organizational resilience.

Education

Any Graduate