Job Descriptions:
Readiness Delivered. Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises. We proactively build trusted relationships with our peers, partners and customers, and take ownership for our actions-always striving to do the right thing. As a Security Consultant of Commercial Cybersecurity Services for Kratos, working in a hybrid environment, you will be supporting teams of professionals working to evaluate and secure innovative cloud computing solutions on the most advanced cloud and on-premises infrastructures, by providing security consulting services and performing security assessments. The ideal candidate will have a firm understanding of how to apply the principles of information security in a variety of circumstances and security requirements into common technical implementations. Candidates must have experience working in classified environments. Must have a strong understanding of Federal Risk and Authorization Management Program (FedRAMP) assessments, Department of Defense (DoD) Cloud Service Provider Security Requirements Guide, Committee on National Security Systems Instruction (CNSSI) requirements, and National Institute of Standards and Technology (NIST) Special Publications and Risk Management Framework (RMF).
Key Responsibilities:
Assessor Role
Support assessment teams conducting FedRAMP, DoD SRG, and NIST RMF security assessments.
Review Security Packages (SSP, SAP, SAR, POA&M, Deviation Requests, Significant Change Requests, Continuous Monitoring artifacts) for completeness and compliance.
Validate Cloud Service Provider (CSP) compliance with FedRAMP/DoD/NIST security control baselines through review of evidence, testing, interviews, and analysis of scans, etc.
Support the development of Security Assessment Plans and Security Assessment Reports, including detailed test procedures and findings.
Validate Cloud Service Provider compliance through evidence review, interviews, technical testing, and analysis of vulnerabilities.
Conduct client interviews to assess the operational and technical effectiveness of security controls.
Evaluate cloud security implementations across AWS, Azure, Google, or other IaaS environments.
Required Experience:
Active DoD Secret clearance or higher.
Experience working in classified environments; ability to work in or access a SCIF as required.
Understanding of NIST 800?53 Rev5, FedRAMP, DoD Cloud SRG, CNSSI, and the NIST RMF.
Technical experience implementing security configuration, solutions, and/or cloud services.
Ability to validate cloud-native security implementations (E.g., IAM, logging, encryption, network segmentation, etc.)
Demonstrated ability to determine control effectiveness through documentation review, interviews, and technical testing.
Strong writing skills with the ability to translate technical information into clear assessment procedures and findings.
Strong verbal communication skills and ability to brief technical and non technical audiences.
Proficiency with MS Office and assessment documentation tools.
Certification Requirements: One of the following certifications
Certified Information System Security Professional or Associate (CISSP)
Cisco Certified Network Associate Security (CCNA Security)
Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
Cybersecurity Analyst (CySA+)
GIAC Certified Incident Handler (GCIH)
GIAC Systems and Network Auditor (GSNA)
GIAC Certified Intrusion Analyst (GCIA)
Certified Information Systems Auditor (CISA)
Certified Secure Software Lifecycle Professional (CSSLP)
Certified Information Systems Security Officer (CISSO)
CyberSec First Responder (CFR)
CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
CompTIA Cloud+ (Cloud+)
Global Industrial Cyber Security Professional (GICSP)
Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
BCR Cyber Technical Proficiency Testing Activity
Preferred Skills/Experience:
Prior 3PAO or DoD assessor experience.
Experience leading assessment teams or serving as a technical SME.
Experience with automation, IaC, or cloud-native security tooling.
AI Familiarity
LI-Hybrid
Competitive salary based on experience and education
Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offerings-from commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long-haul. We bring both the capability and confidence that our customers value and depend on. And we always deliver.
This posting will close within 90 days from the Posting Date.
Keyword: NIST, BCR, Clearance, TS, Secret
Kratos Defense is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.
Disability Accessibility Accommodation
If you require an accommodation to navigate or apply to our careers site, please send your request to HRAccessibility@kratosdefense.com or call 858-964-2916. Any inquires not related to requesting an accommodation will be discarded.
Pay Transparency
The company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.
Job Applicant Privacy Notice
For applicants in the EU and California residents, please review our privacy notice.
From: Kratos Defense
