Salary
💰 $75,200 - $158,100 per year
Tech Stack
AWS, Azure, Cloud, Cyber Security
About the role
- Audit cloud systems (Azure, AWS) to ensure alignment with DoD, DHS, and federal cybersecurity standards
- Evaluate security controls and cloud configurations against FedRAMP, NIST SP 800-53, STIGs, and SCCA
- Analyze system security documentation such as SSPs, POA&Ms, incident response plans, and contingency plans
- Conduct security control assessments (SCA), penetration testing reviews, and security impact analyses as part of continuous authorization and compliance validation processes
- Review and validate logging, alerting, and monitoring practices using Microsoft Sentinel, Azure Monitor, and AWS CloudTrail
- Lead or support compliance audits, inspections, and IV&V activities
- Provide findings and risk analysis to stakeholders, identifying gaps and offering remediation strategies aligned with security best practices
- Track and report on compliance metrics, vulnerabilities, and deviations; ensure documentation supports annual FISMA reporting and continuous monitoring plans
- Use eMASS (Enterprise Mission Assurance Support Service) to track RMF packages and manage control implementation evidence
- Leverage RegScale for automating compliance tasks, continuous control monitoring, and maintaining system security documentation
- Contribute to compliance automation strategies using scripting and tools (PowerShell, Azure Automation, AWS Config Rules)
- Coordinate with ISSOs, engineers, and system owners to ensure audit readiness and a proactive cybersecurity posture
- Assist the ISSM and ISSOs in preparing documentation for system ATO packages and in maintaining continuous monitoring artifacts
- Support ISSM and ISSO efforts in responding to internal and external audits, inspections, and data calls
- Collaborate with ISSM/ISSO personnel to ensure accurate, timely, and complete system documentation in accordance with agency requirements
Requirements
- Active Secret Clearance
- DoD 8570 IAT Level II Certification (e.g., Security+ CE)
- Minimum 5 years of experience auditing or assessing cybersecurity compliance for federal or DoD systems
- Strong knowledge of FedRAMP, FISMA, RMF, NIST SP 800-53, STIGs, and cloud compliance practices
- Hands-on experience with system security assessments and reporting of audit findings
- Familiarity with cybersecurity tools and scanning platforms (e.g., Tenable, Microsoft Defender, Qualys, or similar)
- Excellent written and verbal communication skills, particularly in technical documentation and presenting audit findings to stakeholders
- Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, or related field
- Microsoft certifications (e.g., AZ-500, SC-900, SC-100)
- Experience auditing Azure, AWS, or hybrid cloud infrastructures
- Familiarity with Secure Cloud Computing Architecture (SCCA) controls
- Experience using eMASS to manage system authorizations and RMF artifacts
- Experience using RegScale for automated compliance tracking and reporting