Security Control Assessor

• Title: Security Control Assessor - Senior/Expert
• Location: Bethesda, MD and McLean, VA
• Duration: Full-time/Permanent
• Clearance: TS/SCI with CI Polygraph
• Years of Experience: 6 years and a bachelor's degree

Responsibilities:

• Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
• Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team. Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation, including system- and user-level attacks.
• Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
• Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
• Demonstrated experience conducting hands-on security testing, analyzing results, documenting risks, and recommending countermeasures
• Demonstrated experience developing risk assessment reports based on a review of security plans and interviews with developer/customer assessment systems against information assurance policies, regulations, and instructions
• Demonstrated experience providing threat analysis based on identified security vulnerabilities
• Develop and document security evaluation test plans and procedures
• Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities, and providing security remediation
• 2+ years of technical-related experience

Required Skills:

• Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)
• Strong understanding of the Assessment and Authorization (A&A) process
• Excellent oral and technical writing skills
• Desired Certifications: GASP, CCNP Security, CISA, CISSP, GCED, or GCIH