Current Opportunities

FedRAMP Risk Advisory Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here:  Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Working with clients to help them achieve (or maintain) FedRAMP authorization
  • Providing Advisory support in all facets of cloud security and federal compliance
  • Drafting system security plans, incident response plans, continuous monitoring plans and other documentation in accordance with NIST requirements
  • Developing or reviewing supporting artifacts
  • Liaising with other 3PAOs during assessments
  • Serving as SecureIT’s primary POC and relationship manager for CSP clients

What you’ll bring to the table:

  • Experience with advising Cloud Service Providers, preferably working for a 3PAO
  • 4+ years of Risk Advisory experience at a professional services firm
  • Experience with Federal compliance initiatives, to include FedRAMP and FISMA
  • Experience with NIST 800-37 and NIST 800-53
  • Experience drafting policies and procedures, system security plans, and other compliance documentation
  • Knowledge of virtualization and cloud technologies
  • Industry certifications such as CISA, CISSP and CSIRC
  • A client-first attitude, and an ability to communicate effectively

FedRAMP Lead Assessor

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here:  Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Working with clients in the role of Independent Assessor
  • Executing test procedures in accordance with NIST 800-53A R4
  • Interviewing key technical personnel, and reviewing system and process documentation
  • Ensuring that required controls are effectively implemented, and operating as intended
  • Developing Security Assessment Plans (SAP) and Security Assessment Reports (SAR)
  • Authoring corrective actions on how to remediate noted deficiencies
  • Serving as SecureIT’s primary POC and relationship manager for FedRAMP 3PAO clients

What you’ll bring to the table:

  • Experience with advising Cloud Service Providers, preferably working for a 3PAO
  • 4+ years of Assessor experience at a professional services firm
  • Experience with Federal compliance initiatives, to include FedRAMP and FISMA
  • Experience with NIST 800-37, NIST 800-53 and NIST 800-53a
  • Ability to work independently and lead less complex control assessments
  • Knowledge of virtualization and cloud technologies
  • Industry certifications such as CISA, CISSP and CSIRC
  • Ability to clearly document assessment results
  • A client-first attitude, and an ability to communicate effectively

IT Risk Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here:  Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing:                                    

  • Evaluating the design and operating effectiveness of technology controls, and recommending improvements where needed
  • Advising senior management on current risk postures, and opportunities for enhancements
  • Working with clients on compliance readiness initiatives (SOC2, SOX, etc.)
  • Performing independent assessments and audits
  • Managing smaller projects and ensuring quality work is delivered within budget
  • Overseeing and mentoring more junior associates

What you’ll bring to the table:

  • 4+ years of experience at a professional services firm, preferably a Big 4
  • Strong working knowledge of information security and audit concepts
  • Experience with control frameworks and compliance requirements (SOC2, SOX, FedRAMP, FISMA, PCI, HIPAA, etc.)
  • Bachelor’s degree in CIS, MIS, IT, or a related field
  • A client-first attitude, and an ability to communicate effectively

Senior Security Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here:  Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Leading IT security assessments, technical audits, and detailed control reviews
  • Performing security configuration reviews of host operating systems, databases, web infrastructure components, and network devices.
  • Performing penetration testing and vulnerability assessments of networks and web applications.
  • Conducting security process assessments (e.g., event management, incident response, vulnerability management, configuration management, mobile device management).

What you’ll bring to the table:

  • 4+ years of experience at a professional services firm
  • A demonstrated ability to assess systems, applications, and databases for security vulnerabilities and misconfigurations.
  • In-depth experience in IT Audit or Information Security, with a focus in technical configuration and vulnerability assessments.
  • An understanding of the “why” behind recommended security settings and the ability to identify the underlying risks that compromise security.
  • CISSP, CISA, CEH, and Security tool certifications are highly desired, but not mandatory.
  • A client-first attitude, and an ability to communicate effectively