Security Control Assessor - Expert -LEIA 0064

Security Control Assessor- Expert

Core Hours: 9 am - 3 pm

• Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
• Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team.
• Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation including system level attacks and user level attacks.
• Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
• Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)

• Demonstrated experience conducting hands on security testing, analyzing results, documenting risks, and recommending countermeasures
• Demonstrated experience developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations and instructions
• Demonstrated experience providing threat analysis based on identified security vulnerabilities
• Develops and documents security evaluation test plans and procedures
• Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation
• BA/BS 8+ years of technical related experience

Required Skills:

• Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)
• Strong understanding of the Assessment and Authorization (A&A) process
• Excellent oral and technical writing skills

Desired Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH