Zermount, Inc. · 3 days ago
Zero Trust Senior Auditor (Assessor)
United States
Full-time
Remote
Senior Level
5+ years expZermount Inc. is seeking a Zero Trust (ZT) Senior Assessor (Auditor) who will be responsible for the oversight, development, and execution of assessments of clients' enterprise and systems for compliance with ZT principles. The role involves performing complex risk analyses, providing recommendations, and collaborating with cross-functional teams to ensure adherence to security requirements and zero trust principles.
Cyber SecurityInformation TechnologyNetwork Security
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Perform complex risk analyses which also include risk assessment to identify compliance with ZT, and security requirements based upon the analysis of people, processes, technologies, and requirements of all pillars in the CISA ZTA Maturity Model
Perform assessment and analysis of designs, architectures, configurations, and implementation of ZT principles and security capabilities
Provide recommendations, solutions, and capabilities to ensure the required ZT principles are implemented to meet the requirements of the ZT maturity model and requirements based on EO and OMB M
Review and analyze system, application, or network changes, upgrades and provide input and cybersecurity impacts. Conduct assessment of ZT architectural and configuration changes made by the O&M team(s)
Conduct a ZT review and assessment of all existing cybersecurity and IT capabilities. Provide results and reports on: Criteria for Zero Trust readiness and assessment results
Conduct analysis to identify gaps in existing capabilities to meet compliance and target ZT maturity model level
Assist with reviewing and interpreting Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, and recommended best practices and provide recommendations and potential solutions to meet requirements
Provide guidance and insights necessary for meeting requirements established through the OMB M's or EO's
Assist and support for all internal and external ZT data calls, requests, audits, compliance, and updates – ensuring accurate information and statuses are obtained and provided
Conduct assessments to determine the implementation of ZT principles across all pillars (identity, device, network, application and workload, and data) to assist the client in meeting the requirements set forth by EO 14028 and OMB M 22-09
Develop and execute assessments of existing security architecture and recommend enhancements using ZT principles and requirements
Provide responses and solutions for ZT related questions, concerns, and issues, providing guidance and strategic recommendations to leadership and other stakeholders, to ensure compliance with ZT, EO and OMB requirements
Collaborate with security engineers, architects, and other IT professionals to design, implement, and maintain ZTA capabilities, and ensure continuous compliance with ZT target maturity model level
Conduct periodic reviews and audits to ensure the proper function of ZT principles/capability implementations and adherence to regulatory requirements
Provide responses to ZT violations, assisting in the investigation and mitigation of weaknesses
Create detailed reports, and briefings outlining the results of ZT assessments, including areas of strength, areas of improvement, and recommendations for moving forward
Stay current with the latest developments in ZT methodologies and related cybersecurity trends
Qualification
Required
At least 5 years of experience in cybersecurity, information technology, or related field
Experience and Knowledge of ZT architecture, principles, methodologies, EO 14028, OMB M 22-09, Federal, DoD, and CISA Zero Trust Architecture, Maturity Model, Technical Reference Architectures, NIST, Cloud, and Risk Management Framework (RMF)
Strong understanding of zero trust principles and how they can be applied to various types of information systems
Proficient in risk assessment methodologies and security architecture frameworks
Experience with cloud-based environments and technologies
Knowledge of common cybersecurity threats and how to counteract them using ZT principles
Excellent communication skills, with the ability to explain complex concepts in a clear, concise manner
Strong problem-solving skills, with a proactive attitude towards identifying potential issues and implementing solutions
Must be able to conduct system analysis to detect issues with performance
Well versed in developing and implementing IT solutions to resolve technical challenges
Ability to work independently and as part of a team
Ability to navigate complex and politically sensitive client environments with professionalism, patience, and tact
Demonstrated ability to effectively engage and manage relationships with highly political clients while maintaining a professional demeanor, exhibiting patience, and navigating sensitive situations with tact
Minimum of a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, IT, cyber security, or a related field
A minimum of at least one of the following certifications is required: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certificate of Cloud Security Knowledge (CCSK), Certified Chief Information Security Officer (CCISO), or certification included in DoD 8570.1 IAT Level II or III categories
Minimum of an active Secret Clearance
Company
Zermount, Inc.
Zermount, Inc., a Certified SDVOSB, was founded by Terry Butler a proven leader and Cybersecurity/Information Technology (IT) professional with over15 years’ experience supporting the Federal Government and commercial clients.
51-200 employees
Funding
Current Stage
Growth StageLeadership Team
Terry Butler
CEO
Company data provided by crunchbase