We help the world run better
Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work.
We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!
SAP NS2 Intel Cloud Security and Governance Consultant- Onsite - Chantilly, VA
Active TS SCI + Polygraph
NS2 COMPANY DESCRIPTION
SAP is the global market leader for business software and related services. SAP National Security Services Inc.® (SAP NS2®) is an independent U.
S. subsidiary of SAP. At SAP NS2, we leverage best-in-breed technologies engineered by SAP to protect the lives, assets and information of Americans.
Weoffer SAP solutions with specialized levels of security and support to meet the requirements of U.S. national security and critical infrastructure customers.
Must be a U.S. Citizen with active TS / SCI with poly; NS2 does not offer Visa sponsorships for this role.
All internals must have manager’s approval to transfer.
The NS2 Intel Security and Governance Consultant candidate will be responsible for leading our security and controls team in delivery and maintenance of solutions that meet our client’s complex needs.
This position is located onsite in Chantilly, VA. Candidate should be hands-on and has the necessary knowledge of cloud-based systems and associated security principals to effectively work with minimal supervision in a cloud environment, understanding the complexities that come with cloud, and can effectively communicate cloud security design / architecture ideas to technical as well as non-technical client stakeholders.
This is a full-time position, and due to security requirements is on-site only.
Skills / Experience Requirements
- Develop and implement cloud-based security policies, standards, and procedures.
- Maintain role-based access controls for cloud-based system components, users, and applications.
- Monitor and analyze cloud-based security threats, vulnerabilities, and incidents.
- Conduct regular security assessments and audits of cloud-based systems to ensure compliance with industry best practices and regulatory requirements.
- Complete necessary RMF processes to shepherd a new asset through the accreditation process through ATO and into monitored operations.
- Spearhead adoption of zero trust architecture(ZTA).
- Implement security controls and measures, such as encryption, access controls, and identity management, to protect cloud-based assets.
- Deep understanding of cloud-based security technologies, including firewalls, intrusion detection and prevention systems, vulnerability scanners, and log analysis tools.
- Experience with cloud-based platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform.
- Ability to troubleshoot security access issues effectively and efficiently, interacting with key functional / business stakeholders as necessary to resolve NS2 Security / GRC errors / exceptions.
- Understanding of NIST, SOX, SOD, and IT General Computer Controls, how these compliance requirements impact security, and provide solutions to address them.
- Hold or have the ability to obtain a required DoD 8570 certification (e.g., CASP+, CISSP) within 6 months of hire.
Desired Experience and Skills
- Systems Administration and / or Cloud certifications a plus.
- Knowledge of Splunk or similar SIEM Platform.
- Understanding of SAP authorization concepts catering to SAP ECC, SAP S / 4 HANA systems, and SAP GRC Access Control (10.
x and 12.x) is preferred.
Awareness and / or experience with SAP BTP Business Technology Platform
Additional Requirements
- BA / BS Degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
- Top Secret Clearance with Polygraph
Note : The job description is meant to be a guideline. It is not exhaustive, and we will expect the selected candidate to show flexibility and eagerness to undertake varied tasks and projects