Experience Inc. Jobs

ASRC Federal is seeking a Cloud Cyber Security Subject Matter Expert to support the IT Modernization and cloud engineering efforts for various programs across the ASRC enterprise as part of the Chief Technology Office’s Cloud Capability Service Center (CSC) initiative. Support the migration of systems from the on-premises data centers to commercial cloud computing providers. The team will be responsible for establishing a secure cloud computing environment to support emerging technology requirements. Working closely with our Center of Excellence, the Cloud Cyber SMEs will support the implementation of a continuous ATO solution using compliance as code methodologies to support accreditation packages.

Job Responsibilities:

• Enhance Documentation as Code Plugins to include dynamic data.

• Interact with Open Source and Internal Data models to store, include, or modify data within * as Code environments. Models include NIST OSCAL, custom YAML, XML, JSON, and OSCAP (XCCDF, OVAL)

• Author ETL scripts to include Human Readable documents into Machine readable frameworks

• Utilizes third party and internal tools for continuous monitoring, notification, and graphical representation of Cyber Security Data. Artifacts include both Live Dashboards, automated actions, and Documentation As Code Reports

• Author automation scripts using tools such as Ansible and Terraform

• Build and maintain a software factory solution

Education & Certifications

In addition to directly supporting government missions, your connection with ASRC Federal Centers of Excellence offers you a unique ability to expand and grow through:

• Research and Development initiatives

• Internal technical competitions

• Cross-domain Subject Matter Expertise (SME) Collaboration

• Innovation and technology exploration

• Professional development, training, and tuition reimbursement programs

This is a versatile opportunity to join a people-focused organization and to work with a team in a flexible and enjoyable work environment while making significant impact to customers.

Requirements :

Required skills/experience:

• BS Degree desired

• Familiarity with DevSecOps Principals such as Immutability, Infrastructure as Code, Configuration as Code, Pipelining

• Experience with Commercial Cloud Environments such as AWS and Azure

• Computer Programming and Software Engineering experience. Especially with Python

• Data structure and analysis. Be familiar with data Models, Validators, and Aggregation

• Develop, "as-code" processes. Git, SCM, CICD, Merge/Pull Requests

• Ability and Desire to learn new technologies both independently or through training

• Ability and Desire to train other engineers on any subjects listed in this description

• Qualified candidates will also have 3 or more of the following:

• Testing Methodologies: Chaos Engineering, Automated Testing, UX testing

• Hybrid Cloud and On-Prem Environments: Multi-Cloud architecture

• Migrating live systems to the cloud: Methods including Life/Shift, Refactor, cloud native architecture

• Continuous Monitoring: SIEM Tools such as Splunk, ELK, or Nagios

• Networking: DMZ architecture, cloud networking, Routing protocols (BGP, OSPF), Secure Networking (SDN, VPN Mesh)

• Automated Security Validation: OSCAP(XCCDF,OVAL), NIST OSCAL

• Advanced deployment Architectures: Kubernetes, Docker, Serverless architectures

• US Citizenship to meet clearance requirements

• Advanced cloud cyber security certification HIGHLY DESIRED

• Understanding of Risk Management Frameworks.

• Strong understanding of existing DHS Cyber Security Policies

• Strong understanding of automating packages in DHS’s system of record for accreditation packages

• Strong understanding of NIST and the Risk Management Framework

• Strong understanding of Fedramp controls and packages across multiple IaaS/PaaS/SaaS/LiSaaS services

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.