Security Control Assessor, Expert
Apply NowCompany: Hummingbirds Innovations
Location: Mc Lean, VA 22101
Description:
Title: Security Control Assessor, Expert
Location: On-site McLean, VA
Job Type: Full-time (40 hours per week) with benefits.
Availability: immediate.
Security Clearance: TS/SCI with CI Polygraph.
Years of SCA Experience:
o 4 Years with a PhD
o 6 Years with a master's degree
o 8 years with a BS degree
Job Description
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
Evaluate the security controls within network systems to identify vulnerabilities and recommend actions to correct problems when working either alone or as part of a team. Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation, including system-level attacks and user-level attacks.
Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
Demonstrated experience conducting hands-on security testing, analyzing results, documenting risks, and recommending countermeasures
Demonstrated experience developing risk assessment reports based on review of security plans interviews with developer/customer assessment systems against information assurance policies, regulations, and instructions
Demonstrated experience providing threat analysis based on identified security vulnerabilities
Develop and document security evaluation test plans and procedures
Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities, and providing security remediation
2+ years of technical-related experience
Required Skills:
Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO,and/or other vulnerability scanners)
Strong understanding of the Assessment and Authorization (A&A) process
Excellent oral and technical writing skills
Desired Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH
Location: On-site McLean, VA
Job Type: Full-time (40 hours per week) with benefits.
Availability: immediate.
Security Clearance: TS/SCI with CI Polygraph.
Years of SCA Experience:
o 4 Years with a PhD
o 6 Years with a master's degree
o 8 years with a BS degree
Job Description
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
Evaluate the security controls within network systems to identify vulnerabilities and recommend actions to correct problems when working either alone or as part of a team. Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation, including system-level attacks and user-level attacks.
Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
Demonstrated experience conducting hands-on security testing, analyzing results, documenting risks, and recommending countermeasures
Demonstrated experience developing risk assessment reports based on review of security plans interviews with developer/customer assessment systems against information assurance policies, regulations, and instructions
Demonstrated experience providing threat analysis based on identified security vulnerabilities
Develop and document security evaluation test plans and procedures
Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities, and providing security remediation
2+ years of technical-related experience
Required Skills:
Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO,and/or other vulnerability scanners)
Strong understanding of the Assessment and Authorization (A&A) process
Excellent oral and technical writing skills
Desired Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH