Cyber Risk Management Specialist jobs in United States

Steampunk, Inc. · 1 day ago

Cyber Risk Management Specialist

Steampunk, Inc. is a Change Agent in the Federal contracting industry, focusing on innovative solutions for clients in various sectors. They are seeking a Cyber Risk Management Specialist to implement and enforce security measures, ensuring compliance with federal regulations and best practices in cybersecurity.

Consulting · Information Technology
Growth Opportunities
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Integrate security into DevOps effectively at every stage of the software development life cycle (SDLC)
Identify security holes and potential breaches, work through multifaceted security issues, and create effective solutions based on understanding of risk posture and treatments
Develop and implement tactical strategies for seamless automation to optimize the IT infrastructure
Apply specialized knowledge of financial audit standards, classified system IA requirements, and Privacy Act requirements
Implement the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework
Evaluate system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
Apply in-depth, hands-on knowledge of the FedRAMP regulations, process, and requirements to lead project and initiative teams in accrediting cloud products and services
Support external audits, data calls, and the Authorization to Operate (ATO) process by coordinating with organization system owners, engineers, CSPs, and Third-Party Assessment Organizations (3PAO)
Positively impact the organization’s goals and operational mission through various metric-based performance measurement tools used to evaluate adherence to compliance requirements
Advise clients on FedRAMP requirements and provide security guidance on the implementation of security compliance controls per technical, management, and operational requirements
Implement, monitor, and assess NIST SP 800-53 security controls for cloud environments to ensure compliance with FedRAMP requirements and governance models
Ensure ongoing compliance with FedRAMP policy and requirements through monthly deliverables, regular vulnerability scanning, penetration testing, contingency testing, and annual security assessments performed by a 3PAO
Support ATO, cATO, and continuous monitoring activities, including security documentation, audit logs, security incidents, and risk assessments
Review and manage Plan of Action & Milestones (POA&M), to include remediation tracking and reporting

Qualification

Cybersecurity hygiene · Risk Management Framework (RMF) · FedRAMP compliance · Continuous monitoring · DevSecOps · NIST SP 800-53 · Cloud cybersecurity architecture · Vulnerability management · Security hardening · CISSP · CISA · CISM · Analytical skills · Communication skills

Required

Ability to obtain a U.S. government Security Clearance
Master's Degree and 6 years of cyber and FISMA experience; OR
Bachelor's Degree and 8 years of cyber and FISMA experience; OR
No degree and 12 years of experience, 10 of which must be in cyber and FISMA
Possesses at least one professional certification: CISSP, CASP, CISA, CISM or GSLC

Preferred

Experience in FISMA, cloud cybersecurity architecture, compliance with Federal regulation and policy, and commercial best practices relating to cloud security
Experience in Information Security processes to include RMF, FedRAMP, Compliance, Continuous Monitoring, and Annual Assessments
Certifications in one or more of the following: CISSP, CRISC, CCSP, CAP/CGRC
Certifications in one or more of the following: AWS Certified Solutions Architect, AWS Certified Security, Microsoft Certified Solutions Architect, MCSE Cloud Platform and Infrastructure
Experience conducting assessments in a 3PAO, C3PAO, or risk auditing organization is desirable, but not required
Experience supporting systems in Agile environments

Company

Steampunk, Inc.

Steampunk is anchored by a startup culture with a customer-centered delivery approach. We put our Federal government clients in the center of everything we design, develop, and deliver to drive high-quality mission impacts and user experiences at speed.

Funding

Current Stage: Growth Stage
Total Funding: unknown
2024-07-31 · Non Equity Assistance

Leadership Team

Matt Warren · CEO
Mike Saliter · Executive Vice President - Homeland, Commerce, & Justice
Company data provided by crunchbase