Current Opportunities

FedRAMP Advisor

About SecureIT:

SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Working with clients to help them achieve (or maintain) FedRAMP authorization
  • Providing Advisory support in all facets of cloud security and federal compliance
  • Drafting system security plans, incident response plans, continuous monitoring plans and other documentation in accordance with NIST requirements
  • Developing or reviewing supporting artifacts
  • Liaising with other 3PAOs during assessments
  • Serving as SecureIT’s primary POC and relationship manager for CSP clients

What you’ll bring to the table:

  • Experience with advising Cloud Service Providers, preferably working for a 3PAO
  • 4+ years of Risk Advisory experience at a professional services firm
  • Experience with Federal compliance initiatives, to include FedRAMP and FISMA
  • Experience with NIST 800-37 and NIST 800-53
  • Experience drafting policies and procedures, system security plans, and other compliance documentation
  • Knowledge of virtualization and cloud technologies
  • Industry certifications such as CISA, CISSP and CSIRC
  • A client-first attitude, and an ability to communicate effectively


FedRAMP Lead Assessor

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Working with clients in the role of Lead Independent Assessor – Technical Focus
  • Executing test procedures in accordance with FedRAMP and NIST 800-53A R4
  • Interviewing key technical personnel, and reviewing system and process documentation
  • Ensuring that required controls are effectively implemented, and operating as intended
  • Developing Security Assessment Plans (SAP) and Security Assessment Reports (SAR)
  • Authoring corrective actions on how to remediate noted deficiencies
  • Serving as SecureIT’s primary POC and relationship manager for FedRAMP 3PAO clients

What you’ll bring to the table:

  • Experience with advising Cloud Service Providers, preferably working for a 3PAO
  • 4+ years of Assessor experience at a professional services firm
  • Experience with Federal compliance initiatives, to include FedRAMP and FISMA
  • Experience with NIST 800-37, NIST 800-53 and NIST 800-53A
  • Ability to work independently and lead less complex control assessments
  • Knowledge of virtualization and cloud technologies
  • Industry certifications such as CISA, CISSP and CSIRC
  • Ability to clearly document assessment results
  • A client-first attitude, and an ability to communicate effectively


FedRAMP Assessor

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Working with clients in the role of Independent Assessor
  • Executing test procedures in accordance with FedRAMP and NIST 800-53A R4
  • Interviewing key technical personnel, and reviewing system and process documentation
  • Ensuring that required controls are effectively implemented, and operating as intended
  • Developing Security Assessment Plans (SAP) and Security Assessment Reports (SAR)
  • Authoring corrective actions on how to remediate noted deficiencies
  • Serving as SecureIT’s primary POC and relationship manager for FedRAMP 3PAO clients

What you’ll bring to the table:

  • Experience with advising Cloud Service Providers, preferably working for a 3PAO
  • 2+ years of Assessor experience at a professional services firm
  • Experience with Federal compliance initiatives, to include FedRAMP and FISMA
  • Experience with NIST 800-37, NIST 800-53 and NIST 800-53A
  • Ability to work independently and lead less complex control assessments
  • Knowledge of virtualization and cloud technologies
  • Industry certifications such as CISA, CISSP and CSIRC
  • Ability to clearly document assessment results
  • A client-first attitude, and an ability to communicate effectively


IT Risk Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing:

  • Evaluating the design and operating effectiveness of technology controls, and recommending improvements where needed
  • Advising senior management on current risk postures, and opportunities for enhancements
  • Working with clients on compliance readiness initiatives (SOC2, SOX, etc.)
  • Performing independent assessments and audits
  • Managing smaller projects and ensuring quality work is delivered within budget
  • Overseeing and mentoring more junior associates

What you’ll bring to the table:

  • 4+ years of experience at a professional services firm, preferably a Big 4
  • Strong working knowledge of information security and audit concepts
  • Experience with control frameworks and compliance requirements (SOC2, SOX, FedRAMP, FISMA, PCI, HIPAA, etc.)
  • Bachelor’s degree in CIS, MIS, IT, or a related field
  • A client-first attitude, and an ability to communicate effectively


Senior Security Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here:  Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Leading IT security assessments, technical audits, and detailed control reviews
  • Performing security configuration reviews of host operating systems, databases, web infrastructure components, and network devices.
  • Performing penetration testing and vulnerability assessments of networks and web applications.
  • Conducting security process assessments (e.g., event management, incident response, vulnerability management, configuration management, mobile device management).

What you’ll bring to the table:

  • 4+ years of experience at a professional services firm
  • A demonstrated ability to assess systems, applications, and databases for security vulnerabilities and misconfigurations.
  • In-depth experience in IT Audit or Information Security, with a focus in technical configuration and vulnerability assessments.
  • An understanding of the “why” behind recommended security settings and the ability to identify the underlying risks that compromise security.
  • CISSP, CISA, CEH, and Security tool certifications are highly desired, but not mandatory.
  • A client-first attitude, and an ability to communicate effectively


Compliance Advisor

About SecureIT:

SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Assist Federal government CIOs and CISOs in developing and updating their cyber security strategy and policies
  • Provide project management support to cyber security initiatives
  • Work with stakeholders across the organization to gather and analyze requirements and findings to produce new/updated cyber security deliverables
  • Support CIOs and CISOs in addressing security audit findings and preparing for future security audits
  • Develop documentation and reports to support the security program including agendas/minutes, SOPs, process flows, project plans, white papers, presentations, security scans, A&A documentation

What you’ll bring to the table:

  • Knowledge of Federal cyber security policies (including FISMA and NIST 800-53), requirements and best practices
  • Familiarity with FISMA and other federally required audits/assessments
  • Familiarity with
    • The A&A process
    • ATO attainment/renewal
    • NSOC operations and tools
    • Configuration baselines
  • Excellent communicator – verbal and written
  • Superb customer service skills with an ability to adapt and thrive in a very fast-paced, intense environment with ever changing priorities
  • Ability to work under pressure
  • Ability to work well independently or as a team


IT Auditor - Technical

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Scoping, planning, and conducting security process assessments (e.g., event management, incident response, vulnerability management, configuration management, mobile device management), and detailed control reviews
  • Performing security configuration reviews of host operating systems, databases, web infrastructure components, and network devices
  • Partnering effectively with other team members to promote quality and efficiency on larger, more complex projects
  • Assessing the level of risk, the effectiveness of controls, and documenting testing results
  • Communicating risk and security issues in business context (i.e. translate technical risks to business risks)
  • Assisting in managing relationships with clients, representing SecureIT in the community, and helping to grow our business

What you’ll bring to the table:

  • Team Players who want to add to our culture, and integrate well into the existing team
  • A demonstrated ability to assess systems, applications, and databases for security vulnerabilities and misconfigurations.
  • In-depth experience in IT Audit or Information Security, with a focus in technical configuration and vulnerability assessments.
  • An understanding of the “why” behind recommended security settings and the ability to identify the underlying risks that compromise security
  • CISSP, CISA, CEH, and Security tool certifications are highly desired, but not mandatory.
  • A client-first attitude, and an ability to communicate effectively
  • Bachelor’s Degree in Computer Science, Information Systems, Accounting or a related discipline


Web App Pen Tester

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Assisting clients in analyzing software application environments, helping them understand application security problems and methods of solving each
  • Conducting software application testing remotely and at client sites
  • Performing gap analyses of application software environments in compliance with accepted security frameworks and compliance requirements such as FedRAMP, SOC, ISO 27002, NIST 800-53, OWASP, PCI DSS, HIPAA
  • Preparing technical reports containing information security test results and analysis and completing all required written reports with only moderate levels of supervision.
  • Participating in client presentations and briefings is desirable.

What you’ll bring to the table:

  • 4+ years of experience at a firm working with three or more of the following: SaaS application security, AWS or Azure configurations for software security, full-stack web application architecture, database security and API identity and authorization management
  • Experience implementing or consulting on web application security risk mitigation solutions and methods
  • Understanding the role of network security features in enhancing application security
  • Experience in identifying application security weaknesses and explaining safe coding techniques
  • A client-first attitude, and an ability to communicate with software developers and architects effectively


Pen Test Associate

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Assisting clients in analyzing technical environment, helping them understand information security problems and methods of solving each
  • Conducting technical penetration testing remotely and at client sites
  • Performing gap analyses of client environments in compliance with accepted security frameworks and compliance requirements such as ISO 27002, NIST 800-53, OWASP, PCI DSS, HIPAA, GLBA, NERC.
  • Preparing technical reports containing information security test results and analysis and completing all required written reports with only moderate levels of supervision.
  • Participating in client presentations and briefings is desirable.

What you’ll bring to the table:

  • 2+ years of experience at a professional services firm working with one or more of the following: Tenable Nessus, AppScan, OWASP ZAP, Metasploit, Kali Linux, Burp, etc.
  • In-depth understanding of network security architecture
  • Experience in identifying application security weaknesses and explaining safe coding techniques
  • A client-first attitude, and an ability to communicate effectively


Cybersecurity Assessor - Technical Assessments

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Leading IT security assessments, technical audits, and detailed control reviews
  • Performing security configuration reviews of host operating systems, databases, web infrastructure components, and network devices.
  • Performing penetration testing and vulnerability assessments of networks and web applications.
  • Conducting security process assessments (e.g., event management, incident response, vulnerability management, configuration management, mobile device management).

What you’ll bring to the table:

  • 4+ years of experience at a professional services firm
  • A demonstrated ability to assess systems, applications, and databases for security vulnerabilities and misconfigurations.
  • In-depth experience in IT Audit or Information Security, with a focus in technical configuration and vulnerability assessments.
  • An understanding of the “why” behind recommended security settings and the ability to identify the underlying risks that compromise security.
  • CISSP, CISA, CEH, and Security tool certifications are highly desired, but not mandatory.
  • A client-first attitude, and an ability to communicate effectively


Cloud Security Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Assist customers in implementing the FedRAMP requirements and preparing for assessment
  • Evaluate cloud-based systems and determine system security authorization boundaries, categorizing systems for FIPS PUB 199, Privacy and e-Authorization determinations, and documenting results.
  • Develop the FedRAMP System Security Plan (SSP), determining and documenting control implementation, control inheritance, tailoring, and other key information the SSP requires.
  • Identify gaps for the customer and assist in remediating them through development of policies and procedures and implementation of tools or processes.

What you’ll bring to the table:

  • At least 1 year of direct, hands-on experience in either FedRAMP preparation or FedRAMP assessment.
  • Experience with Amazon Web Services (AWS), either directly in security plan development or assessment, or supporting customers who use AWS for their cloud solution in either an SSP or assessment capacity
  • Strong technical ability and understanding of cloud technologies (IaaS, PaaS, and SaaS)
  • Experience conducting high-quality security assessments of NIST SP 800-53 controls and producing Security Assessment Reports with risk analysis.
  • Strong written and verbal communication skills
  • Effective organizational skills with ability to work in a team or individually on tasks
  • Strong skills with MS Office suite (Word, Excel, PowerPoint)


Federal Audit Readiness Consultant

About SecureIT:  SecureIT provides full-spectrum cybersecurity and IT risk services to commercial organizations, government contractors, and the Federal Government. We perform independent assessments and audits, design and implement security solutions, and provide ongoing support to help our clients protect their information systems from cybersecurity threats.

Why you’ll like it here: 

  • Work with diverse and technically challenging IT environments
  • Thrive in a people-focused company culture
  • Collaborate closely with SecureIT executives in managing relationships with clients and growing the security practice
  • Bring positive energy to the company and make a meaningful impact on our success

Our organization is a culture of committed, smart, fun individuals, and we’re always looking for more to join the team. We’re a small organization, but we do big things that successfully impact the portfolio of commercial and federal clients that we serve. The experiences and skills that you currently possess, and the new ones that you will acquire as part of our team, will be invaluable as we continue to grow our business through a diverse array of projects. We are firmly committed to our employees, and we offer an excellent benefits package to ensure that you are well taken care of at SecureIT.

What you’ll be doing: 

  • Leading security & IT readiness assessments, technical audits, and detailed control reviews
  • Performing security configuration reviews of host operating systems, databases, web infrastructure components, and network devices.
  • Performing penetration testing and vulnerability assessments of networks and web applications.
  • Conducting security process assessments (e.g., event management, incident response, vulnerability management, configuration management, mobile device management).

What you’ll bring to the table:

  • 4+ years of experience at a professional services firm
  • A demonstrated ability to assess systems, applications, and databases for security vulnerabilities and misconfigurations.
  • In-depth experience in IT Audit or Information Security, with a focus in technical configuration and vulnerability assessments.
  • An understanding of the “why” behind recommended security settings and the ability to identify the underlying risks that compromise security.
  • CISSP, CISA, CEH, and Security tool certifications are highly desired, but not mandatory.
  • A client-first attitude, and an ability to communicate effectively
