This position is located in the Department of Program Services (DPS), Case Management and Systems Office (CMSO), Application Support Division (ASD). The incumbent of this position will report to the CMSO IT Security Officer and is responsible for ensuringLearn more about this agency
the confidentiality, integrity and availability of systems and data.
The incumbent serves as a cybersecurity analyst with responsibility for supporting the Case Management Systems Office (CMSO) as an Information Systems Security Officer (ISSO), responsible for security oversight of the office's cloud environment. The incumbent will be responsible for coordinating the security controls for configuring and monitoring cloud services and performing security risk analysis of cloud environments. The candidate must be familiar with cloud-specific security principles and best practices (Federal information security policies, practices, and legal requirements including FISMA, RMF, NIST, and FedRAMP). Additionally, the incumbent may have some middle management responsibilities to assist the ISO in improving the office's cybersecurity program with an emphasis on the office's cloud initiatives.
Duties of the position include, but are not limited to:
- Designing security controls, processes, and procedures for public, private, and hybrid cloud integrations to ensure compliance with judiciary and federal guidance.
- Analyzing security requirements for cloud implementation and integration.
- Implementing technology solutions dedicated to data protection in the cloud.
- Working closely with the development teams to ensure that software security practices are being implemented in all applicable environments, include public, private, and hybrid cloud.
- Developing systems security documentation and conducting systems security evaluations, audits, and reviews of various cloud environments.
- Performing continuous monitoring to conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks and protection needs for public, private, and hybrid cloud environments.
- Developing and maintaining all security artifacts required for security authorization packages and IT scorecards for cloud initiatives.
- Reviewing and providing recommendations for corrective action and/or remediation of discovered security weaknesses for public, private, and hybrid cloud environments.
- Developing a partnership with the enterprise IT security office and working closely with them to address the Judiciary security policies and coordinating national program security assessments for cloud initiatives.
- Ensuring appropriate application of security policies and procedures to maintain information systems reliability and accessibility when operating in a cloud environment.
- Providing government oversight of security processes and procedures conducted by contractor staff.
- Escalating issues and concerns to the security team lead in a timely manner.
- Providing regular status updates to stakeholders, including management, customers, etc. through various mediums (i.e., written reports, status meetings, etc.).
- Performing other duties as required.
Occasional travel - You may be expected to travel for this position.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/599158000. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.