Senior Secret Cleared IT Security SA&A Specialist (10+ Years) to perform security assessments on a hybrid on-prem/cloud environment contributing to the

Our Valued Public Sector client is seeking a Senior Secret Cleared IT Security SA&A Specialist t (10+ Years) to perform security assessments on a hybrid on-prem/cloud environment and contributing to the ConOps obtaining an ATO within the Public Sector

Must Have:

• 10+ years of combined experience in the last twelve (12) in performing IT Security Threat Risk Analysis (TRA) and/or Certification and Accreditation or Security Assessment and Authorization (SA&A).
• 5 years of demonstrated experience in the last eight (8) in the assessment of applied IT security controls, or the evaluation of threats and risks, or the interpretation and application of ITSG-33 IT Security Risk Management Framework, for complex, enterprise-wide applications or information system.
• Secret Clearance

Tasks:

• Working with government departments on determining level of risk for various deployments by performing in-depth reviews and solution design gap analysis between existing controls and attack vectors.
• Performing security assessments for various projects that have hybrid on-prem and cloud presence. Reviewing and contributing to Concept of Operations (ConOps), Technical Requirements Document (TRD), Work Intake Form (WIF), Records of Review (ROR) and other documents that are part of Security Assessment and Authorization (SA&A) and are required for obtaining Authority to Operate (ATO).
• Providing input and feedback and preparing required SA&A documentation.
• Advising and informing senior management to ensure applicable security practices and procedures are followed for various projects.
• Advising senior management to enable them to make well informed decisions for each project when it comes to risk assessment and acceptance according to government policies and directives.
• Providing guidance on diverse cybersecurity subjects and engaging in the assessment of information systems across various impact levels, including evaluations of Cloud service solutions.