Job Requirements
Herndon, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Job Description
Readiness Delivered. Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises. We proactively build trusted relationships with our peers, partners and customers, and take ownership for our actions, always striving to do the right thing. Kratos is looking for a Principal Security Consultant to join our team in a hybrid work environment. Do you take information technology (IT) and information security seriously and want to make a difference? Helping leading-edge technology companies secure their cloud environments is at the core of what we do, and we make a difference.
As a Principal Security Consultant of Commercial Cybersecurity Services for Kratos, you will be leading and supporting teams of professionals working to evaluate and secure innovative cloud computing solutions on the most advanced cloud and on-premises infrastructures, by providing security consulting services and performing security assessments. The ideal candidate will have a firm understanding of how to apply the principles of information security in a variety of circumstances and how to translate security requirements into common technical implementations. Must have extensive experience working with the Department of Defense (DoD) Cloud Service Provider (CSP) Security Requirements Guide (SRG), Federal Risk and Authorization Management Program (FedRAMP), and cloud computing. While not required, experience working with other frameworks and publications, such as National Institute of Standards and Technology (NIST) Publications, Cybersecurity Maturity Model Certification (CMMC), etc., is highly desirable.
- Contribute to the growth of the FedRAMP consulting and assessment practices
- Serve as a functional leader in development and implementation of creative approaches, methodologies, and tools to meet client needs.
- Provide thought leadership to improve current service offerings.
- Provide technical expertise and remain current on technology trends in the marketplace.
- Maintain a strong network and promote the organization at various government meetings, industry meetings, forums, panels, and conferences.
- Cultivate and maintain key partnering relationships with the government, strategic customers, business associates, and/or sub-contractors.
- Provide technical expertise to support business development and sales to the customer base.
- Identify new leads through networking with existing and potential customers.
- Develop and organize service offerings, client strategy, pricing, and profitability.
- Serve as a key contributor to capture and proposal efforts.
- Delivery Expertise
- Provide technical expertise and leadership when communicating with customers and government stakeholders.
- Independently lead delivery teams and provide thorough guidance to team members with minimal guidance from leadership.
- Manage multiple efforts by appropriately gauging individual level of effort needed on each project based on staff, customer requirements, and similar factors to ensure properly balanced projects.
- Ensure successful project completion by developing and planning projects/tasks in collaboration with project managers, and adhering to scheduling, budgetary, quality control, risk management, and contractual obligations.
- Support staffing skill development.
- Improve quality and compliance associated with customer deliverables and quality management system.
- Lead and support assessment teams conducting FedRAMP, DoD SRG, and NIST RMF security assessments.
- Review Security Packages (SSP, SAP, SAR, POA&M, Deviation Requests, Significant Change Requests, Continuous Monitoring artifacts) for completeness and compliance.
- Validate Cloud Service Provider (CSP) compliance with FedRAMP/DoD/NIST security control baselines through review of evidence, testing, interviews, and analysis of scans, etc.
- Develop Security Assessment Plans and Security Assessment Reports, including detailed test procedures and findings.
- Validate Cloud Service Provider compliance through evidence reviews, interviews, technical testing, and analysis of vulnerabilities.
- Conduct client interviews to assess the operational and technical effectiveness of security controls.
- Evaluate cloud security implementations across AWS, Azure, Google, or other IaaS environments.
Experience and Skills
- Minimum education level needed: Bachelor's degree in computer science or related field or relevant work experience.
- Minimum # of years of job-related experience needed: Seven (7) years of cybersecurity experience.
- Required certification(s): Maintain a CISSP and one or more of the following certificates: CASP+ CE, GCED, GCIH, GSLC, CISA, CISM, CCSP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP, CFR, CCISO.
- Demonstrated understanding of the FedRAMP process.
- Ability to independently manage project teams and serve as a trusted consort for advice, providing specialized expertise to develop and implement technical solutions for complex client problems.
- Ability to successfully pass security framework certification requirements.
- Sufficient technical knowledge and understanding of cloud solutions, architecture, networks, protocols, cryptography, and identity and access management, at a minimum.
- Excellent interpersonal and communication skills, both written and verbal.
- Ability to translate technical materials and issues into non-technical/layman terms.
- Active DoD Top Secret clearance or higher.
- Experience working in classified environments; ability to work in or access a SCIF as required.
Preferred Skills/Experience
- Prior 3PAO or DoD assessor experience.
- Experience leading assessment teams or serving as a technical SME.
- Experience with automation, IaC, or cloud-native security tooling.
- AI Familiarity
#LI-Hybrid
Competitive salary based on experience and education
Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offerings, from commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long haul. We bring both the capability and confidence that our customers value and depend on. And we always deliver.
This posting will close within 90 days from the Posting Date.
Job Benefits
- Medical, Dental & Vision Insurance Coverage
- Life/ADD & Short/Long Term Disability Insurance
- 401(k) Savings Plan
- Employee Stock Purchase Plan (ESPP)
- Paid Time-Off (PTO)
- Holidays
- Education Reimbursement