Job Description
About Us
Ready to build? So are we. Come join VMware's exciting new Modern Applications Business Unit (MAPBU) team, made up of products and services under the Tanzu portfolio to help customers build, run, and manage their most important applications. We build applications in quick iterations to run in a cloud-native environment, run open-source Kubernetes with consistency, and manage our customer's entire footprint with confidence to help them achieve their business outcomes.

About You:
You are an exceptional, passionate, customer-facing, hands-on accreditation expert who is energized by helping customers transform their accreditation processes and tools to realize the benefits of cloud native applications and architectures. You are a problem solver and the thought of collaborating with a team to help organizations transform to meet the challenges of tomorrow excites you. You are an expert negotiator, enjoy working with other people and are motivated by creating "lightbulb" moments for the people you work with.

What You'll Do:

Help our customer's security and assessment teams transform into an organization with the culture, processes, and tools that support modern DevSecOps principles in the Federal government. As a billing consultant who is part of our services delivery team, you'll help the Authorizing Official, their key team members/leaders and the assessors understand the DevSecOps approach to the Authorization to Operate (ATO) process, layering together the infrastructure, platform, and application or pipeline components. You will also walk the customer's assessors step by step through assessing the Tanzu platform, the application pipelines and the associated processes to accredit their "software factory".

Pair with the customer to create the full Body of Evidence required for accreditation. This will typically include a Body of Evidence (BOE) for the Tanzu platform, as well as a BOE for the "Continuous ATO" accreditation of the CI/CD pipelines along with the associated people and processes that allow new applications to be on-boarded and quickly accredited.

Work collaboratively with the platform deployment and application development teams to ensure the deployed platform, CI/CD pipelines, and application development methods/tools/processes meet the control objectives and line up with the BOE.

Required Skills:

• To meet the requirements of the customer projects, the individual must be a US citizen and eligible for a security clearance.
• Expert level experience in the Federal ATO process and the NIST RMF and authoring the required BOE documents.
• Demonstrated experience with infrastructure architecture with a focus on security, coupled with experience mapping the architecture to the associated controls and effective ways assessors can validate the controls.
• Some familiarity with common application architecture patterns along with application development processes and tools and how they map to the applicable security controls.