Today
Secret
Mid Level Career (5+ yrs experience)
No Traveling
IT - Software
For more than a decade, Karthik Consulting has been a reliable and trusted advisor to our Government customers, providing independent and unbiased recommendations and solutions to mitigate risk and help solve IT issues. We bring the innovation, passion, and agility of the commercial sector to meet the unique challenges of this competitive space.
Karthik Consulting is seeking a Cybersecurity Assessment and Authorization Subject Matter Expert (SME) (Off-Site) with the skill set below.
Cybersecurity Assessment and Authorization Subject Matter Expert (SME) (Off-Site)
Full-time with Karthik Consulting
Location: Remote.
Clearance: Must possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) at time of proposal submission
Position Description
Cybersecurity Assessment and Authorization Subject Matter Expert (SME) (Off-Site)
Position Overview
The Cybersecurity Assessment and Authorization Subject Matter Expert serves as a senior cybersecurity specialist responsible for comprehensive Assessment and Authorization (A&A) of information systems and associated cybersecurity policies and procedures. This position performs critical DOD cybersecurity processes while serving as the primary subject matter expert for information systems undergoing authorization procedures within DLA's complex IT infrastructure.
Key Responsibilities
Assessment and Authorization Leadership:
• Serve as cybersecurity Subject Matter Expert (SME) for comprehensive Assessment and Authorization (A&A) of information systems and all associated cybersecurity policies and procedures
• Perform DOD cybersecurity processes serving as SME for information systems undergoing authorization in complex organizational environments
• Possess comprehensive understanding of how security controls identified in NIST 800-53 apply to assessing and authorizing large organizational IT infrastructure such as DLA's compilation of large and small enclaves, AIS applications, and IT processes
Vulnerability Assessment and Risk Management:
• Determine appropriate severity values for identified vulnerabilities (including non-compliant security controls) and assess possible ramifications on the system's current or future authorization status
• Conduct comprehensive risk assessments and provide expert guidance on vulnerability remediation strategies
• Maintain expertise in cybersecurity of emerging technology areas including Cloud computing, Industrial Control Systems (ICSs), warehouse execution systems, and Operational Technology (OT) infrastructures
Audit and Compliance Support:
• Provide comprehensive audit readiness and sustainment support by participating in all phases of audit processes and creating detailed compliance documentation
• Ensure cybersecurity compliance and maintain corresponding RMF, Authorization to Operate (ATO), and audit documentation in designated repositories including tracking of dates and modifications to all relevant documented artifacts
• Demonstrate extensive experience with DoD Audit Readiness procedures and requirements
Policy and Process Implementation:
• Maintain expert knowledge in general tenets supporting overall DOD implementation of authorization processes, including supporting cybersecurity policy, procedures, and comprehensive process frameworks
• Provide expert guidance on cybersecurity control implementation across diverse technology platforms and organizational structures
Minimum Qualifications
Experience Requirements:
• Five (5) years of relevant Risk Management Framework (RMF) and NIST Assessment & Authorization (A&A) experience, including Zero Trust, SCCA FRD and SRG implementation
• Extensive DOD cybersecurity experience in large, complex organizational environments
• Comprehensive experience in general tenets supporting overall DOD implementation of authorization processes, including supporting cybersecurity policy, procedures, and process frameworks
• Demonstrated experience in assessing Information Assurance Controls and conducting Certification & Accreditation reviews for large, complex organizations
Technical Expertise:
• Expert knowledge in cybersecurity of emerging technology areas including Cloud computing, Industrial Control Systems (ICSs), warehouse execution systems, and Operational Technology (OT) infrastructures
• Comprehensive understanding of NIST 800-53 security controls and their application to large-scale organizational IT infrastructure
Required Certifications:
• Current Certified Cloud Security Professional (CCSP) certification
• DoD Approved 8570/8140 Baseline Certification at time of submission: Category IAT Level II
• At least one industry cloud certification from an extensive list including AWS (Cloud Practitioner, Developer Associate, Solutions Architect, SysOps Administrator, DevOps Engineer, Advanced Networking, Data Analytics), Oracle Cloud Infrastructure (Foundations, Data Management Foundations, Architect Foundations, Professional, Security Professional, Database Service Professional, Database Migration and Integration Professional, Observation and Management Professional, Platform Enterprise Analytics Professional), Azure (Fundamentals, Development Associate, AI Engineer Associate, Administrator Associate, Solutions Architect Expert), or Google Cloud Platform (Cloud Engineer, Cloud Architect)
Security Clearance:
• Must possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) at time of proposal submission
Professional Skills:
• Demonstrated strong business and technical writing skills for complex compliance documentation
• Advanced analytical and problem-solving skills for resolving sophisticated security issues and compliance challenges
• Extensive experience with DoD Audit Readiness procedures and compliance requirements
Work Location:
• Off-Site position with estimated annual hours of 1,980 – 2,080 hours/year in base period
Task Areas:
• All task areas as specified in the DLA Managed Cloud Support Services requirements