Who we are Tria Federal delivers digital services and technology solutions that support the health and safety of veterans, service members and civilians. For two decades, federal agencies have relied on Tria companies to advance their critical missions and modernize their systems, so that they can uphold their commitment to the American people. Today, we are pushing the boundaries of possibility through partnerships and investments in artificial intelligence and emerging technologies, developing solutions for the biggest challenges that government will face tomorrow. We are proud to employ and support military veterans who bring mission-first mindset, technical expertise, and leadership qualities that strengthen our work. Veterans, transitioning service members, and military spouses are strongly encouraged to apply. Job Description We are looking for a Cloud Information Security Analyst (CISA) responsible for taking the lead on implementing security tools, security tool usage, ensuring tools remain compliant and configured properly, setting program policy all the while ensuring a successful program ATO. Our ideal candidate is passionate about being part of a “change”, and working in a dynamic and highly collaborative environment. The CISA provides oversight security posture for corporate systems that support Federal programs. He/She will be responsible for monitoring, evaluating, and maintaining systems and procedures to safeguard internal information systems, networks, databases, and Web-based assets. Basic Requirements US citizen or must be authorized to work in the United States Must have lived in the USA for three years of the last five years Must be able to obtain a US federal gov badge and eligible for Public Trust clearance Must be able to pass a background check, including a drug test Addtional Qualifications Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related discipline Minimum of 6 years related experience in Information Technology including 4 years in Information Security space. Experience in cloud environments such as AWS Commercial and GovCloud. Hands on experience with AWS monitoring and logging services. Preferable experience with Salesforce or similar product platforms Demonstrated work experience with the following computer networking, cryptography, security engineering and architecture, vulnerability assessments, or operating systems required Strong background in certification and accreditation process of information systems and ability to write, review and coordinate system security plans Possesses a working knowledge of several of the following areas is required understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products; and current Internet technology Demonstrated working knowledge of vulnerability assessment and penetration testing tools Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system Experience with Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate boundary. Experience with, understanding of and adherence to guidelines such as FISMA, NIST, HIPPA, and IRS Pub-1075 Experience and understanding of tools and platforms such as AWS, Snyk, GitHub, JIRA, Confluence is preferred. Responsibilities Provides support for a program, organization, system, or enclave’s information assurance program Provides support for maintaining security services within the AWS environment. Maintain security workloads running on AWS containers. Maintain security information on JIRA/Confluence and participate in agile DevSecOps practices Run and manage security scans with tools such as Snyk and track fixes. Able to manage source code for AWS infrastructure in GitHub and manage pipelines. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies Maintains operational security posture for FISMA information system or program to ensure information systems security policies, standards, and procedures are established and followed Responsible for implementing security tools, security tool usage, ensuring tools remain compliant and configured properly, all the while ensuring a successful program Authority To Operate (ATO) Assists with the management of security aspects of the information system and performs day-to-day security operations of the system Evaluate security solutions to ensure they meet security requirements for processing classified information Performs vulnerability/risk assessment analysis to support certification and accreditation Provides configuration management (CM) for information system security software, hardware, and firmware Manages changes to the system and assesses the security impact of those changes Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs) Prefered Certifications Industry certification such as the CISSP, CEH, GIAC, etc. AWS Certification Public Trust Clearance This role will require the hired candidate to go through public trust clearance. A minimum of 3 years of stay in the U.S. within the last 5 years is required to be eligible to qualify for public trust clearance sponsorship. As partners in our team's success, we offer a comprehensive compensation structure that includes competitive base salaries, performance-based incentives, spot bonuses, referral bonuses, and more. Why Tria? What defines the Tria brand is more than just our dedication to excellence in our craft; it’s our incredible team of dedicated, talented, and passionate people that make Tria so exceptional. As people powering possible, we are all partners in our team’s shared success. As a company that cares about people, we seek to cultivate a culture in which all can thrive personally and professionally. We offer a top-tier benefits package to invest in your physical, mental, and financial health and wellness so that you can be your best self - at work and in life. At Tria, we are growth-minded, entrepreneurial in spirit, and committed to fostering a culture of inclusion and opportunity for all. Whatever your background, your role, your department, or stage in your professional journey, here you will have opportunities to learn new skills, seize new challenges, and advance your career as we grow. California Consumer Privacy Act (CCPA) We are committed to protecting your privacy. As part of our compliance with the California Consumer Privacy Act (CCPA), we want to inform you about how we collect, use, and protect your personal information during the job application process. For more details, please review https//www.oag.ca.gov/privacy/ccpa. Apply To This Job