Job Descriptions: Ready for What’s Next? Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises. We proactively build trusted relationships with our peers, partners and customers, and take ownership for our actions—always striving to do the right thing. As a Security Consultant of Cybersecurity Services for Kratos, you will be supporting teams of professionals working to evaluate and secure commercial cloud computing solutions on the most advanced, innovative cloud infrastructures in the world. The ideal candidate will have a knowledge of how to apply the principles of information security in a variety of circumstances and the ability to translate security requirements into common technical implementations. Candidates will serve as a member of a team to conduct FedRAMP security assessments of SaaS, PaaS, and IaaS cloud offerings. Candidates will also provide a variety of consulting services to cloud service providers seeking to implement FedRAMP security control requirements. Experience working across multiple compliance frameworks (FedRAMP, DOD SRG, CMMC, NIST, PCI, ISO, HIPAA, SOC, CJIS, etc.) is highly desirable. Security Consultants may serve in both consulting and assessor roles for different cloud service providers, with responsibilities to include: + Support small teams in the review and analysis of security packages for completeness and compliance with FedRAMP or other cybersecurity frameworks (e.g., DoD, NIST, CMMC, or similar) requirements. + Assist in the development of Security Assessment Plans, Security Assessment Reports, and security briefings. + Conduct and participate in client interviews and working sessions to assess the technical and operational effectiveness of security control implementations within cloud environments. + Collaborate effectively within dynamic teams and across multiple customer organizations with diverse personalities and expertise to drive to agreement on complex issues. + Effectively document successful and unsuccessful security control implementations that appropriately reflect testing methodologies and evidence used to determine security implementation effectiveness. + Lead or support the review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc. + Consult on cloud security architecture and security control implementations that meet FedRAMP requirements. + Work with multiple stakeholders (internal and external) to identify security compliance gaps and propose technical and operational remediation solutions. + Develop security documentation that translates complex concepts and solutions into compliant documentation that is required for FedRAMP compliance. Required Experience: + Strong desire to develop deep technical knowledge of cloud based architectures, infrastructures, microservices, container orchestration and other cloud-native technologies + Ability to support multiple projects while applying appropriate time management + Proficiency with communicating technical and non-technical information in both written and verbal forms to internal and external individuals + Demonstrated ability to communicate progress on projects/tasks, scheduling, quality control for timely completion of deliverables + Minimum of 32-hours of industry relevant security training + Willingness to obtain required customer clearance requirements + Candidates must have at least one industry certification from the following list: + Cisco Certified Network Associate Security (CCNA Security) + Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops) + Cybersecurity Analyst (CySA+) + GIAC Certified Incident Handler (GCIH) + GIAC Systems and Network Auditor (GSNA) + GIAC Certified Intrusion Analyst (GCIA) + Certified Information Systems Auditor (CISA) + Certified Information System Security Professional or Associate (CISSP or Associate) + Certified Secure Software Lifecycle Professional (CSSLP) + Certified Information Systems Security Officer (CISSO) + CyberSec First Responder (CFR) + CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE) + CompTIA Cloud+ (Cloud+) + Global Industrial Cyber Security Professional (GICSP) + Securing Cisco® Networks with Threat Detection Analysis (SCYBER) Desired Skills and Experience + Experience working in a services organization supporting external commercial customers + FedRAMP assessment experience + Baltimore Cyber Range (BCR) certification + Strong understanding of common cloud infrastructures (AWS, Microsoft, Google, etc.) and their associated services + Prior experience serving in a technical operations role or similar hands-on role + Active Clearance (Secret, Top Secret, etc.) #LI-Remote Competitive salary based on experience and education Keyword: FedRAMP, 3PAO, Security Assessment, Security Audit, Cloud Security, Cloud Computing, Security Requirements Guide, DoD SRG Kratos Defense is an Equal Opportunity Affirmative Action Employer. EOE, Minorities, Females, Vet, Disabled, Sexual Orientation, Gender Identity or any other protected class. All qualified job seekers are encouraged to apply. Kratos Defense is committed to America's veterans by providing opportunities for them to continue contributing after service to our nation. We also work to provide reasonable accommodations to individuals with disabilities. EEO Is The Law (http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) Disability Accessibility Accommodation If you require an accommodation to navigate or apply to our careers site, please send your request to HRAccessibility@kratosdefense.com or call 858-964-2916. Any inquires not related to requesting an accommodation will be discarded. Pay Transparency The company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Job Applicant Privacy Notice For applicants in the EU and California residents, please review our privacy notice. From: Kratos Defense