Security Control Assessor
About The Position
As a systems security and network security engineer, you will identify the appropriate tools, systems, and applications needed to assess vulnerabilities and recommend the best solution and security strategy. On our team, you’ll assess a variety of network and security devices and applications in accordance with NIST 800-53 and NIST 800-37 standards. You’ll use your curiosity for technology and market trends to further research and develop security solutions. Using your knowledge and experience, you’ll assess security threats and implement infrastructure controls. In this role, you’ll have impact on the mission by supporting accreditation and authorization packages for both new and existing systems. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers.
Requirements
- Experience utilizing NIST 800-53 security controls
- Experience with NIST 800-37 Risk Management Framework (RMF) requirements
- Experience supporting system authorization activities, including the development and maintenance of security documentation such as System Security Plans (SSPs) and Plans of Action and Milestones (POAMs)
- Experience monitoring system security posture and identifying risks, vulnerabilities, and compliance gaps
- Experience tracking and managing POAMs and coordinating remediation activities with system stakeholders
- Experience assessing the security impact of system changes and supporting configuration and change management processes
- Experience preparing systems for security assessments, audits, and Authorizing Official reviews
- Ability to support continuous monitoring activities, including vulnerability management and security reporting, and serve as a security liaison between system teams, cybersecurity operations, and governance bodies
- Top Secret clearance
- HS diploma or GED and 8+ years of experience with Information Assurance (IA), or Bachelor’s degree and 5+ years of experience with Information Assurance (IA)
Nice To Haves
- Experience with operational technology and industrial control systems
- Master’s degree in Information Systems
- CompTIA Advanced Security Practitioner (CASP) or Certified Information Systems Security Professional (CISSP) Certification
Responsibilities
- Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
- Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises.
- Perform risk and vulnerability assessments in network, system, and application areas.
- Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.
- Support accreditation and authorization packages for both new and existing systems.
- Assess a variety of network and security devices and applications in accordance with NIST 800-53 and NIST 800-37 standards.
- Assess security threats and implement infrastructure controls.
- Support continuous monitoring activities, including vulnerability management and security reporting, and serve as a security liaison between system teams, cybersecurity operations, and governance bodies.
Benefits
- health, life, disability, financial, and retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
High school or GED
