Security Control Assessor (Senior Consultant)

Guidehouse•Tysons Corner, VA

10d

About The Position

Our Cybersecurity Consultants are a team of business integrators with extensive consulting and industry experience who help our clients solve their complex business issues from strategy through execution. A career in an integrated team of developers and consultants provides the opportunity to grow and contribute to our clients' business issues every day, applying a collection of security spectrum capabilities, including security strategy and governance, IT risk, security technologies, and cybercrime and breach response . Guidehouse is currently seeking technical professionals in support of our Department of Defense client . We are seeking an experienced Security Control Assessor (Senior Consultant) with a proven track record to possess and apply comprehensive knowledge of security control assessments across multiple complex assignments, specifically for government clients. The Security Control Assessor will apply security control assessment expertise on multiple complex assignments. Responsible for conducting a comprehensive assessment of the RMF management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system) .

Requirements

Bachelor's Degree with a minimum of five (5) years of related experience
Ability to identify obstacles and opportunities that impact the success of plans or initiatives.
Experience developing and maintaining trusted relationships with Federal clients onsite.
Experience managing direct client engagement team to deliver impactful support to Federal clients.
Communicates effectively and demonstrates leadership role with clients and fellow team members.
Excellent oral and written communication and presentation skills.
Demonstrated experience in developing security controls artifacts and evidence, including but not limited to: System Security Plans (SSPs), Risk Assessment Reports, and POA&Ms
Demonstrated experience in security controls assessments and applying the Risk Management Framework.
An ACTIVE and MAINTAINED “Secret” security Federal or DOD clearance.

Nice To Haves

At least one cyber certification: Security+, Certified Cloud Security P rofessional (CCSP ) or AWS Certified Solutions Architect.

Responsibilities

Conduct a comprehensive assessment of the RMF management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls.
Develop security plans, generate assessment reports, and formulate remediation POA&Ms.
Perform assess-only services where applicable and authorized by the Government.
Recommend corrective actions to address identified vulnerabilities.
Identify systemic causes of any findings (both self-assessed and those discovered by inspection).
Provide an assessment of the severity of weaknesses or deficiencies discovered in the environment of operation.

Benefits

Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Position may be eligible for a discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend