Position Description:
Valiant Solutions is seeking a FedRAMP Engineer to join our rapidly growing and innovative cybersecurity team!
The candidate will provide technical expertise on Security control implementations and development of Information Security procedures for systems and applications. The selected candidate will play a key role in a fast-paced FedRAMP team to provide comprehensive program, analytical, technical, and advisory skills to the client and supported Cloud Service Providers (CSPs). Candidates will be required to perform pre-assessment activities including a detailed analysis of the technology stacks comprising the vendor solutions. This position requires an advanced understanding of how to engineer secure, compliant, and resilient architectures and solutions. You will be part of a team working to assess vendor systems for technical compliance with NIST, FedRAMP and agency standards.
Valiant Solutions is a company that cares about its employees- we've been named one of the Best Places to Work in the Washington DC area TEN years in a row! If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!
This position allows for 100% remote work. Remote work necessitates a high-level trust in our employees and we strictly adhere to the details found below in our Remote Work Policy.
Required Experience
- Five (5) years of experience in the IT Security field
- Bachelor’s degree in Computer Science, Information Systems, Mathematics, Engineering or a related field, or an additional two years of IT experience
- Four (4) years of experience supporting FedRAMP
- Four (4) years of hands-on technical experience as a System Architect or Security Engineer
- Security+, CISSP, CISM, CISA, or equivalent Security certification.
- Direct experience performing analysis on FedRAMP CSP architectures and control implementations (ie. 3PAO, FedRAMP program at another agency, etc)
- Confidence and depth of understanding to lead meetings with potential Vendors
- Current experience in reviewing 3rd party security assessment reports
- Have detailed knowledge and experience with NIST Policies, Governance, Security Planning and Architecture, FISMA Compliance, RMF, Incident Analysis, and General Security Best Practices.
- Possess strong written and oral communication skills to support customers, internal stakeholders, peers, and public audiences.
- Ability to communicate, both written and oral, to both technical and non-technical stakeholders.
- Strong communication skills to interact with senior managers, junior staff, and business unit (non-technical) customers.
Responsibilities
- Perform detailed architecture and technical design reviews on the full stack for vendor solutions
- Conduct architecture reviews of Cloud Service Providers (CSPs) authorization packages to validate secure design, alignment to FedRAMP and agency requirements, identify gaps, and advise the FedRAMP Government Lead overall risk posture and compliance.
- Lead and conduct architecture interviews with CSPs to ensure all critical control areas throughout the architecture are designed to meet program requirements.
- Develop architecture briefing documents to inform the Government FedRAMP program manager and CISO of CSP compliance with FedRAMP program requirements, technical capabilities, and any concerns noted from material review.
- Complete comprehensive review and comment documents of CSPs FedRAMP documentation including but not limited to system security plans, policies and procedures, supplemental agency guidance documents, alternative implementation and risk acceptance documents, etc. Work with CSPs to reconcile and address any documentation and technology gaps discovered during the review.
- Complete a comprehensive review of CSPs' assessments and package submissions after 3PAO audits and prepare a package briefing for the Government FedRAMP program manager and agency CISO. Artifacts include, but are not limited to, vendor security assessment plans, security assessment reports, vulnerability scans, penetration tests, etc.
- Work alongside agency FedRAMP Lead and provide security engineering services.
- Provide support for Continuous Monitoring activities including but not limited to items such as reviewing annual package submissions, reviewing and scoping significant change proposals, reviewing risk acceptance documents, etc.
- Interpret FedRAMP and other agency requirements and provide vendors with guidance regarding expectations, technical requirements, and processes.
- Stay informed of updated FedRAMP guidance, industry best practices, emerging technologies, and Government cybersecurity directives, and provide recommendations to FedRAMP Government lead regarding impacts.
- Conduct security reviews of technologies for use base consideration within CSPs authorization boundary.
- Oversee and manage relationships for assigned systems that may be contractor-owned or contractor-operated, ensuring vendors comply with agency security and privacy requirements.
- Assist stakeholders with IT security-related activities to ensure project deadlines are met.
- Ensure all systems are operated, maintained, and disposed of IAW documented security policies and procedures including but not limited to Assessment & Authorization (A&A).
- Research assigned IT security systems to provide insight into IT security architectures and IT security recommendations for assigned systems.
About Valiant Solutions
Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. We are a HUBZone small business and we encourage all candidates who live in a HUBZone to apply. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you’ll learn to think quickly on your feet and expand your own personal and professional skill set. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect – and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.
Benefits Snapshot (includes, but not limited to)
Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees
Valiant contributes 25% towards Health Coverage for Family and Dependents
100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees
100% Paid Certifications
401K Matching up to 4%
Wellness & Fitness Program
Paid Time Off
Paid Time On – 40 hours to pursue innovation
Valiant University – Online Education and Training Portal
Reimbursement for Public Transit and Parking
FSA programs for: Medical Costs, Dependent Care, Transit, and Parking
Referral Bonuses
The salary range for this position is a general guideline and not a guarantee of compensation or salary. It has been benchmarked in relation to the scope of the role, market rate, and internal equity. The salary for this role is expected to be in the $121,500 - $146,100 range. Where a candidate falls within the band can be determined based on one or more of the following: skillset, experience level, achievements, education, geographic location, security clearance, involvement in corporate tasks, and other non-discriminatory factors. In addition to the base salary, this role will include benefits as described above. Valiant reserves the right to adjust the salary range, experience requirements, and position responsibilities at any time without prior notice.
Remote Work Policy
Remote work necessitates a high level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that align with those of their coworkers and Valiant's clients. In alignment with Valiant's inclusive and engaging environment, cameras are encouraged and can be required to be on during virtual video conferences. Additionally, in alignment with the Office of the Inspector General’s effort to eliminate conflicting employment, all Valiant employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval. Employees may not solicit or conduct any outside business during core business hours for Valiant Solutions and our clients.
Equal Employment Opportunity
Valiant Solutions is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex (including pregnancy, sex stereotyping, gender identity, gender expression or transgender status), religion, age, marital status, sexual orientation, military/veteran status, physical or mental disability, genetic information/history or any other personal characteristic protected by law.
Physical Demands
Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Authorization to Share Resume and Personal Information
By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.