The job below is no longer available.
You might also like
in Mclean, VA
Security Control Assessor - Expert -LEIA 0064
•27 days ago
Hours | Full-time, Part-time |
---|---|
Location | McLean, Virginia |
About this job
Job Description
Job Description
Security Control Assessor- Expert
Core Hours: 9 am - 3 pm
- Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
- Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team.
- Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation including system level attacks and user level attacks.
- Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
- Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
- Demonstrated experience conducting hands on security testing, analyzing results, documenting risks, and recommending countermeasures
- Demonstrated experience developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations and instructions
- Demonstrated experience providing threat analysis based on identified security vulnerabilities
- Develops and documents security evaluation test plans and procedures
- Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation
- BA/BS 8+ years of technical related experience
Required Skills:
- Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)
- Strong understanding of the Assessment and Authorization (A&A) process
- Excellent oral and technical writing skills
Desired Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH