We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Age Solutions jobs

Senior Cloud Security Assessor

Age Solutions
$140,000 - $150,000
United States, Maryland, Fort Meade
Apr 11, 2025
About Us
AGE Solutions is a premier technology and professional services company, providing in-depth consulting, advanced technology solutions, and essential services throughout the U.S. government, defense, and intelligence sectors. Prioritizing innovation and client-focused solutions, we assist major agencies in addressing intricate issues and ensuring a more secure future.

AGE Solutions is looking for a Senior Cloud Security Assessor to join our team in support of an upcoming cybersecurity risk management and assessment program with our DoD customer. In this position, you will perform DoD and FedRAMP Cloud Authorization on-going support to include ConMon, annual reviews and extensions, and significant change requests (SCRs) of CSPs through reviews, recommendations, written reports, and briefings.

Individuals in this role must be available to work on-site at Ft. Meade, MD for the majority of the workweek.

Responsibilities Include:



  • Conduct thorough reviews and analyses of Deviation Requests including validations or justifications for security findings
  • Evaluate and develop Monthly One Pagers that summarize the cybersecurity posture of Cloud Service Offerings (CSOs)
  • Perform Annual Assessments to validate the implementation of mandatory security controls across the CSO baseline and assess one-third of the remaining controls annually
  • Prepare and review weekly Playbooks to report on the Continuous Monitoring (ConMon) status of designated CSOs
  • Review and assess Security Change Requests (SCRs) that propose new requirements or capabilities for CSOs
  • Analyze scan data, Plans of Action and Milestones (POA&Ms), and other change artifacts to assess ongoing risk posture changes of Cloud Service Providers (CSPs)
  • Ensure the DoD and FedRAMP monitoring programs enable effective oversight of CSPs by providing risk-based data to inform Authorizing Officials (AOs)
  • Perform ongoing assessments and validations to confirm that security controls are implemented and compliant with DoD and FedRAMP standards
  • Ensure effective operation of system safeguards and controls through a proactive, risk-based monitoring approach
  • Maintain continuous visibility into CSP applications and devices to support data-driven decision-making and adherence to authorized risk thresholds
  • Support risk-based situational awareness for network security by conducting architectural reviews that expedite mitigation efforts
  • Integrate security and risk management processes to identify actionable items driven by threat and vulnerability assessments
  • Validate that CSPs regularly perform vulnerability scans as mandated by DoD and FedRAMP security control requirements
  • Recommend and oversee the submission and review of POA&Ms, vulnerability scans, Playbooks, Change Requests, Deviation Reports, and Monthly One Pagers
  • Contribute to a leverage model that reduces government costs, time, and resources associated with ConMon for cloud systems
  • Conduct Annual Assessments in accordance with FedRAMP and DoD requirements
  • Provide comprehensive ConMon compliance assessments and risk analyses for each assigned CSO including input for annual reviews, extension and change requests, Binding Operational Directives (BODs), and Emergency Directives (EDs) supported by documentation, recommendations, reports, and briefings
  • Upload all documentation or changes in control status related to ConMon activities into eMASS or a government-designated Governance, Risk, and Compliance (GRC) system
  • Document ConMon standards and frameworks
  • Utilize government-specified cybersecurity tools to support cyber compliance monitoring and maintenance


Requirements:



  • Bachelor's degree (IT-related field preferred)
  • Eight (8) years of overall experience in cybersecurity or network security position; with at least 5 years in cloud security assessment or continuous monitoring roles
  • Have an active DoD Top Secret clearance with SCI eligibility
  • DoD 8570 IAM/IA Technical (IAT) Level III certification
  • Strong knowledge and hands-on experience with FedRAMP, NIST SP 800-53, DoD RMF, and related cybersecurity frameworks
  • Proven experience working with Cloud Service Providers (CSPs) in a government or regulated environment
  • Expertise in evaluating security control implementations, conducting Annual Assessments, reviewing POA&Ms, deviation requests, and other artifacts related to risk posture
  • Demonstrated experience using eMASS, and familiarity with other GRC tools used by DoD or federal agencies
  • Solid understanding of vulnerability scanning tools, SIEM platforms, and security monitoring tools
  • Strong analytical skills with the ability to interpret technical data and identify risks and mitigation strategies
  • Excellent verbal and written communication skills to produce technical reports, risk summaries, and briefings for stakeholders including Authorizing Officials (AOs)
  • Experience developing or maintaining Continuous Monitoring (ConMon) plans, reports, and dashboards
  • Ability to work independently and collaboratively in a fast-paced, mission-critical environment


Compensation: $140,000 - $150,000

Applied = 0
MORE JOBS LIKE THIS

(web-77f7f6d758-rcqbq)