[Remote] Zero Trust Senior Auditor (Assessor)

Note: The job is a remote job and is open to candidates in USA. Zermount Inc. is seeking a Zero Trust (ZT) Senior Assessor (Auditor) who will be responsible for the oversight, development, and execution of assessments of clients' enterprise and systems for compliance with ZT principles. The role involves performing complex risk analyses, providing recommendations, and collaborating with cross-functional teams to ensure adherence to security requirements and zero trust principles.

Responsibilities

• Perform complex risk analyses which also include risk assessment to identify compliance with ZT, and security requirements based upon the analysis of people, processes, technologies, and requirements of all pillars in the CISA ZTA Maturity Model
• Perform assessment and analysis of designs, architectures, configurations, and implementation of ZT principles and security capabilities
• Provide recommendations, solutions, and capabilities to ensure the required ZT principles are implemented to meet the requirements of the ZT maturity model and requirements based on EO and OMB M
• Review and analyze system, application, or network changes, upgrades and provide input and cybersecurity impacts. Conduct assessment of ZT architectural and configuration changes made by the O&M team(s)
• Conduct a ZT review and assessment of all existing cybersecurity and IT capabilities. Provide results and reports on: Criteria for Zero Trust readiness and assessment results
• Conduct analysis to identify gaps in existing capabilities to meet compliance and target ZT maturity model level
• Assist with reviewing and interpreting Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, and recommended best practices and provide recommendations and potential solutions to meet requirements
• Provide guidance and insights necessary for meeting requirements established through the OMB M's or EO's
• Assist and support for all internal and external ZT data calls, requests, audits, compliance, and updates – ensuring accurate information and statuses are obtained and provided
• Conduct assessments to determine the implementation of ZT principles across all pillars (identity, device, network, application and workload, and data) to assist the client in meeting the requirements set forth by EO 14028 and OMB M 22-09
• Develop and execute assessments of existing security architecture and recommend enhancements using ZT principles and requirements
• Provide responses and solutions for ZT related questions, concerns, and issues, providing guidance and strategic recommendations to leadership and other stakeholders, to ensure compliance with ZT, EO and OMB requirements
• Collaborate with security engineers, architects, and other IT professionals to design, implement, and maintain ZTA capabilities, and ensure continuous compliance with ZT target maturity model level
• Conduct periodic reviews and audits to ensure the proper function of ZT principles/capability implementations and adherence to regulatory requirements
• Provide responses to ZT violations, assisting in the investigation and mitigation of weaknesses
• Create detailed reports, and briefings outlining the results of ZT assessments, including areas of strength, areas of improvement, and recommendations for moving forward
• Stay current with the latest developments in ZT methodologies and related cybersecurity trends

Skills

• At least 5 years of experience in cybersecurity, information technology, or related field
• Experience and Knowledge of ZT architecture, principles, methodologies, EO 14028, OMB M 22-09, Federal, DoD, and CISA Zero Trust Architecture, Maturity Model, Technical Reference Architectures, NIST, Cloud, and Risk Management Framework (RMF)
• Strong understanding of zero trust principles and how they can be applied to various types of information systems
• Proficient in risk assessment methodologies and security architecture frameworks
• Experience with cloud-based environments and technologies
• Knowledge of common cybersecurity threats and how to counteract them using ZT principles
• Excellent communication skills, with the ability to explain complex concepts in a clear, concise manner
• Strong problem-solving skills, with a proactive attitude towards identifying potential issues and implementing solutions
• Must be able to conduct system analysis to detect issues with performance
• Well versed in developing and implementing IT solutions to resolve technical challenges
• Ability to work independently and as part of a team
• Ability to navigate complex and politically sensitive client environments with professionalism, patience, and tact
• Demonstrated ability to effectively engage and manage relationships with highly political clients while maintaining a professional demeanor, exhibiting patience, and navigating sensitive situations with tact
• Minimum of a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, IT, cyber security, or a related field
• A minimum of at least one of the following certifications is required: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certificate of Cloud Security Knowledge (CCSK), Certified Chief Information Security Officer (CCISO), or certification included in DoD 8570.1 IAT Level II or III categories
• Minimum of an active Secret Clearance

Company Overview

• Zermount, Inc., a Certified SDVOSB, was founded by Terry Butler a proven leader and Cybersecurity/Information Technology (IT) professional with over15 years’ experience supporting the Federal Government and commercial clients. It was founded in 2013, and is headquartered in Arlington, Virginia, USA, with a workforce of 51-200 employees. Its website is https://www.zermount.com.

Apply tot his job Apply To this Job