Cybersecurity (Cloud Assessment) Manager overseeing security assessments and team at AGE Solutions. Ensuring deliverables meet quality requirements for government clients.
Responsibilities
Manages nine Cybersecurity Engineers (Mid and Sr) to ensure deliverables are on time and of the required quality.
Responsible for metrics and tracking all Cloud Assessment deliverables. Prioritizes requirements as needed IAW government. Provides complete and timely Weekly Playbook, Monthly One-Pager, Monthly Status Report (MSR) and Quarterly Progress Report (QPR) for Cloud Assessment section (RE2).
Prepares slide decks and information papers for the government as needed.
Meets with division leads and directors as required.
Manages staff to ensure proper prep and delivery of up to 30 Cloud Security Assessment Packages annually, each including validated cybersecurity controls, certifier recommendations, and a statement of residual risk.
Ensures technical kickoff meetings are successful.
Promotes documented and refined assessment procedures and validation best practices to align with DoDI 8510.01 and the DoD Cloud Computing Security Requirements Guide (SRG).
Oversees completion of Cloud Security Assessment Packages in accordance with established guidelines, including the SAR, POA&M, and any Deviation Requests.
Draft Authorization Recommendation Memoranda outlining CSO compliance with DoD cybersecurity controls, residual risks, and technical findings.
Completion of cybersecurity assessments and validations of Cloud Service Offerings (CSOs) in support of the Department of Defense (DoD) Provisional Authorization (PA) process.
Formal DoD Provisional Authorization memoranda, detailing authorization length, CSO boundary, services provided, operating conditions, DoD usage considerations, and follow-on activities.
Cloud Service Provider (CSP) documentation packages following government guidance and procedures, including key artifacts such as the Cloud Architecture Diagram, System Security Plan (SSP), SSP Addendum, Readiness Assessment Report (RAR), System Architecture, Security Assessment Plan (SAP), Security Assessment Report (SAR), and associated Plans of Action & Milestones (POA&Ms).
Validated CSO controls within eMASS or other government-provided Governance, Risk, and Compliance (GRC) tools; ensure accurate tracking in the Mission Status Report (MSR).
Customer Responsibility Matrix (CRM), ensuring proper control inheritance is reflected in eMASS/GRC systems.
Review, analysis, and processing of additional documents including Change Requests, Extension Requests, Deviation Requests, Whitelist Requests, Corrective Action Plans, templates, process guide approvals, and continuous monitoring (ConMon) artifacts for existing Provisional Authorizations.
Upload authorization conditions as system-level POA&Ms in eMASS and monitor their resolution.
DoD Cloud Process Guide, including all checklists, templates, forms, and guidance documents and ongoing development and annual updates.
Internal requirements and how-to guides for assessors conducting CSP validations.
Requirements
Bachelor's degree (IT-related field preferred) or equivalent experience
Eight (8) years of overall experience in a cybersecurity or network security position
Active DoD Top Secret clearance with SCI eligibility, or willing and able to obtain one
Familiarity with security controls for Azure, AWS, and assorted cloud platforms
Solid understanding of DoD Risk Management Framework (RMF), DoDI 8510.01, and DoD Cloud Computing Security Requirements Guide (SRG)
Familiarity with cloud security documentation, including SSPs, SARs, RARs, and POA&Ms
Strong technical writing and communication skills to produce security assessment reports and formal recommendations
Ability to present information to senior government leaders.
Benefits
26 Days Paid Leave: Includes vacation, sick, personal time, and holidays. You choose how to use it.
Performance Bonuses: Performance bonuses are awarded based on individual contributions and company-wide results, aligning recognition with impact.
401(k) with Match: We match 3% of your contributions with immediate vesting.
Financial Protection: Company-paid life insurance up to $300K and options for additional coverage for you and your dependents.
Health Benefits: Multiple medical plans, dental, vision, FSA and HSA options to fit your needs.
Parental Leave: 15 days of fully paid leave for new parents, because family matters.
Military Differential Pay: We bridge the gap for employees on active duty, so they don’t take a financial hit while serving.
Professional Growth: Paid training and certifications, tuition reimbursement, and the tools and tech to get the job done right.
Shared Success: In the event of a company sale, our CEO has committed to returning 80% of net proceeds to employees. This ensures our team shares in the long-term value they help create.