cover image
Conviso Inc.

Conviso Inc.

www.convisoinc.com

2 Jobs

70 Employees

About the Company

At Conviso, we empower both government and commercial clients by delivering tailored professional services that drive success and help them overcome unique business challenges. With technology as a key enabler, we transform objectives into achievements. As a diversified provider of IT and management consulting solutions, we specialize in building and maintaining lasting solutions that meet the ever-evolving needs of our clients. Whether supporting federal agencies or commercial enterprises, Conviso is committed to excellence and delivering results that matter. We also believe that our employees are our greatest asset, and we prioritize their well-being with a range of comprehensive benefits, including: Generous Paid Time Off (PTO) Remote Work Flexibility Comprehensive Health, Dental, and Vision Plans 401(k) Professional Development Opportunities At Conviso, we foster a culture of growth, balance, and care, ensuring that both our clients and employees thrive. #ITConsulting #ManagementConsulting #GovernmentSolutions #TechInnovation #ClientSuccess #ConsultingExcellence #WorkLifeBalance #EmployeeBenefits #CareerGrowth #RemoteWork #CompanyCulture

Listed Jobs

Company background Company brand
Company Name
Conviso Inc.
Job Title
SoC Analyst
Job Description
Job title: SoC Analyst Role Summary: Manage end‑to‑end SOC 1 audit readiness for federal partners, maintaining compliance documentation, preparing reports, and coordinating audit activities to meet DoD FIAR, SSAE 18, and FISCAM standards. Expectations: Maintain active Secret/Tier 5 Secret clearance; adhere to NIST security policies; demonstrate expertise in FIAR, FISCAM, SSAE 18, OMB A‑123, RMF, and related audit frameworks; provide timely audit artifacts and corrective action tracking. Key Responsibilities: - Oversee partner and customer onboarding for SOC 1 audits, including scheduling, communication, and technical meetings. - Create, update, and manage Compliance Audit Support Plans and Assertion Packages. - Provide transaction data, system logs, and reports for SSAE 18, FOIA, and financial audit milestones. - Generate SSAE 18 reports (9‑month period), bridge letters, and map Complementary User Entity Controls (CUECs). - Map system inputs–edit checks–interfaces–outputs to internal controls and IPA test procedures. - Recommend control improvements, draft CAPs, and track corrective actions for OMB A‑123, FISCAM, and RMF reviews. - Supply real‑time compliance status, weekly report updates, and attend audit meetings. - Deliver digital artifacts and support IPA assessments during examination. Required Skills: - In‑depth knowledge of SOC 1/SAASE 18 audit processes and documentation. - Proficiency in FIAR methodology, OUSD(C) requirements, and NIST security frameworks. - Strong analytical, documentation, and communication skills. - Ability to coordinate multi‑department stakeholders and manage timelines. - Experience with audit software and data provisioning for audit evidence. Required Education & Certifications: - Bachelor’s degree in Accounting, Finance, Information Systems, or related field (preferred). - Professional certifications: CISA, CISM, or equivalent audit/compliance credential highly desirable. - Active Secret (Tier 5) security clearance or higher.
Alexandria, United states
On site
19-09-2025
Company background Company brand
Company Name
Conviso Inc.
Job Title
Security Vulnerability Analyst
Job Description
**Job Title:** Security Vulnerability Analyst (VM Security Analyst) **Role Summary:** Perform vulnerability management and security engineering tasks, including OS hardening, compliance, and risk analysis. Analyze scan data, generate metrics, and support leadership with actionable insights while maintaining required security clearances. **Expectations:** - Minimum 5 years of hands‑on vulnerability management or security engineering experience. - Active Secret/Tier 3 clearance. - Ability to work hybrid with occasional on‑site attendance. - Demonstrated proficiency with security frameworks, network protocols, and common vulnerabilities. **Key Responsibilities:** - Conduct vulnerability assessments, scans, and OS hardening using STIGs and IAVM guidelines. - Analyze and trend vulnerability data; prepare weekly metrics and reports for leadership. - Maintain and update security tools (e.g., ACAS, Splunk, Red Hat Advanced Cluster Security, MECM, Tanium, MDE). - Develop and enforce compliance with security standards (NIST, ISO 27001). - Provide remediation guidance and support incident response as needed. - Collaborate with cross‑functional teams to implement security controls and improvements. **Required Skills:** - In‑depth knowledge of network protocols, operating systems, and common vulnerabilities. - Working knowledge of ACAS and PowerShell scripting. - Experience with vulnerability management tools (MECM, Tanium, Microsoft Defender for Endpoint). - Familiarity with Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk (strongly desired). - Ability to interpret and apply STIGs and IAVM program requirements. - Strong analytical, reporting, and communication skills. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). - 8570‑compliant certification (e.g., CompTIA Security+, CISSP, or equivalent). - Active Secret/Tier 3 security clearance.
Seaside, United states
Hybrid
Mid level
23-10-2025