Senior Security Consultant

    • Job Tracking ID: KSTC-21-005
    • Job Location: Chantilly, VA
    • Job Level: Mid Career
    • Level of Education: BA/BS
    • Job Type: Full-Time/Regular
    • Date Updated: 11/24/2020
    • Years of Experience: 5+
    • Radford Job Code: 06904
Invite a friend
facebook LinkedIn Twitter Email


Job Description

Do you take Information Technology (IT) and Information Security seriously and want to make a difference? Helping leading-edge technology companies secure their cloud environments is at the core of what we do and we make a difference. As a Senior Security Consultant, of Commercial Cybersecurity Services for Kratos, you will lead and support teams of professionals working to evaluate and secure innovative cloud computing solutions on the most advanced cloud and on-premises infrastructures in the world, by providing security consulting services and performing security assessments.

The ideal candidate will have a firm understanding of how to apply the principles of information security in a variety of circumstances and expertise; translating security requirements into common technical implementations. Experience working across multiple compliance frameworks (FedRAMP, DOD SRG, CMMC, NIST, PCI, ISO, HIPAA, SOC, CJIS, etc.) is highly desired.

 Responsibilities:

Assessor Role

  • Lead and develop Security Authorization Packages that are compliant with FedRAMP and DoD requirements under the supervision of senior staff members. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, Security Assessment Plans, and Security Assessment Reports.
  • Lead and assist in the review and analysis of Security Authorization Packages for completeness and compliance with FedRAMP and DoD requirements.
  • Facilitate and participate in client interviews to complete Security Authorization Packages and Security Assessments.
  • Ensure existing systems Security Authorization Packages remain up to date throughout the life cycle.
  • Review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.

 Advisor Role

  • Engage with customers using a consultative advisor mindset.
  • Lead diagnostic/discovery sessions to gain an understanding of security architecture and control implementations towards identifying gaps and developing supporting documentation.
  • Lead the documentation of security package deliverables including policies, procedures, SSP, etc.
  • Work with multiple stakeholders (internal and external) to assess and identify security compliance gaps and propose technical and operational remediation solutions.
  • Support technical and operational questions regarding control implementations.
  • Review current system security documentation and recommend remediation and enhancements.
  • Translate complex concepts and solutions into documents required for the certification (i.e. System Security Plan).
  • Collaborate effectively within dynamic teams and across multiple customer organizations with diverse personalities and expertise to drive to agreement on complex issues. 
  • Continually seek to advance and update security and compliance knowledge and expertise.

 

Experience and Skills

 
  • A minimum of five (5) years IT, cybersecurity, or consulting work experience.
  • A Bachelor’s degree is preferred. Will consider relevant work experience along with 5 years of experience.
  • Maintain two or more of the following security or technology certificates: AWS CCP, AWS CSA, CISSP, CEH, CAP, Security+, GSEC, or equivalent.
  • A strong understanding of NIST 800 series guidelines (800-30, 800-37, 800-53 800-53A, 800-60, 800-171, etc.).
  • Broad based IT background with a technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle.
  • Excellent communication skills both written and verbal, with strong presentation skills.
  • The ability to translate technical materials and issues into non-technical/layman terms.
  • Apply attention to detail, accuracy, and thoroughness in all work products.
  • Extensive demonstrated skills in the entire Microsoft Office suite (Word, Excel, Power Point, etc.).
  • A team player that is able to work well with others in a collaborative manner. And is a self-starter who can work with minimum supervision.
  • Ability to lead interactions with clients and represent Kratos in a professional manner.
  • Able to successfully manage multiple tasks is a must.
  • Serves as mentor to Associate Security Consultants, on best practices.
  • Must be able to travel.