Cybersecurity Technical Auditor

NANA Regional Corporation-posted 9 months ago
Onsite • Aberdeen Proving Ground, MD
Securities, Commodity Contracts, and Other Financial Investments and Related Activities
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

SAVA is looking for a Cybersecurity Technical Auditor to work at Aberdeen Proving Ground, TX. Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC). Responsibilities include performing Secure Code Review, using HP Fortify to examine code scan results submitted by developers, identifying and verifying noted false positives, providing comments on scan results and vulnerabilities present, and recommending POA&M mitigations. Additionally, the role involves conducting Software and Hardware Assessments of installed software on isolated VM and assessing software against 800-53 controls and AS&D STIG, using Wireshark and Attack surface analyzer to assess software traffic and connections, and assessing Hardware against named Security Technical Implementation Guides (STIGs) or Security Requirements Guides (SRGs). The auditor will document assessment results and potential mitigations, assist with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations, and perform STIG checklist reviews for packages managed by the branch. The position also includes providing auditing of technical controls within eMASS.

  • Plans and implements security measures to protect computer systems, networks, and data from loss and service interruptions.
  • Analyzes and documents security risks, breaches, and other cyber security incidents and the damage they cause.
  • Oversees the monitoring of the computer networks for security issues.
  • Installs and operates security software and measures to protect systems and information infrastructure, including firewalls and data encryption programs.
  • May train staff on network and IT security procedures.
  • Handles complex issues and problems and refers only the most complex issues to higher-level staff.
  • Possesses comprehensive knowledge of subject matter.
  • Performs work under minimal supervision.
  • May act as a lead.
  • Active Secret security clearance
  • Bachelor's Degree in directly related field and at least 5 years of relevant experience; relevant work experience may be substituted for bachelor's degree.
  • Must hold one of the following DOD 8570 baseline certifications: CSSP-AU (CEH, CySA+ (formerly CSA+), CISA, GSNA, CFR, PenTest), IAT III or IASAE (CASP+CE, CISSP (or Associate), CSSLP)
  • Must possess DOD 8570 baseline certifications meeting the requirements for: IAT Level II or IAM Level I
  • Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
  • Specialized experience in AS&D STIG compliance, secure software development/testing, static and dynamic code analysis, software assurance, software assessments application threat modeling.
  • Performing software and hardware risk and vulnerability analysis or a closely related function, such as technical assessment of software for networks, applications and systems.
  • Using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, or other software assurance tools.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Cybersecurity Engineer Resume Examples
Cybersecurity Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service