Cloud Aware RMF, Compliance and Risk Management Lead

Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.
The cloud aware RMF, Compliance & Risk Management Lead will be responsible for leading and delivering across a number of special projects, both internal and client facing. If you are well versed in cloud-native technologies, have a strong grounding in RMF, and thrive working in a fast-paced environment across multiple projects, delivering high impact results for external and internal stakeholders, customer success, this role could be for you.
This is a tremendous growth opportunity for the those looking to work modern technology stacks, multiple compliance frameworks, and be a key participant in business development efforts as well as a leader in the creation of innovative intellectual capital in support of TDI’s core competencies.
RESPONSIBILITIES:

• Lead, advise, manage, and perform all aspects of implementation of the Risk Management Framework (RMF) for cloud native DoD systems and tooling (obtain and maintain ATOs)
• Conduct security control / risk assessments, vulnerability analysis, and continuous monitoring activities
• Leverage Google Cloud Platform (GCP) and Microsoft tools and services to enhance system security and compliance
• Ensure customer/partner relationship building / customer success
• Lead, manage, and perform work on TDI Core Competency area of GRC and DevSecOps
• Lead, manage, and perform work on internal CMMC and ISO 27001:2022 compliance
• Support BD efforts as needed to include partner / customer relationship building and proposal support

 QUALIFICATIONS:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field with four (4)+ years of experience with DoD RMF processes and implementation in cloud native environments
• Minimum 2 years’ experience working with software development / modern IaC tools and practices, GitLab, CI/CD, and DevSecOps, etc.
• Minimum of 1 years of experience with Google Cloud Platform (GCP) services and security tools such as Cloud Security Command Center, Identity and Access Management (IAM)
• Experience with automated security testing tools and continuous monitoring solutions
• Experience with other cloud platforms (AWS, Azure) and multi-cloud security strategies
• Minimum of 1 years of experience serving as an ISSM or comparable role, managing small teams and performing project management activities
• Ability to work independently as an individual contributor (SME) and in a team environment
• Strong time management, analytical, and problem-solving skills

 PREFERRED QUALIFICATIONS:

• Active DoD Security clearance / ability to receive up to Top Secret clearance
• Certifications such as CISSP, CISM, CAP, or equivalent
• Google Cloud certifications (e.g., Google Cloud Certified - Professional Cloud Architect, Professional Cloud Security Engineer)
• Master’s degree in Cybersecurity, Information Technology, Computer Science, or related field
• Expertise in developing and maintaining ISO 27001 documentation and/or CMMC / NIST 171 documentation
• Experience with cybersecurity metrics