Security Controls Assessor (SCA)

About The Position

Requirements

• Computer networking concepts and protocols, and network security methodologies.
• Risk management processes (e.g., methods for assessing and mitigating risk).
• Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Cybersecurity and privacy principles.
• Cyber threats and vulnerabilities, including application vulnerabilities.
• Specific operational impacts of cybersecurity lapses.
• Authentication, authorization, and access control methods.
• Applicable business processes and operations of customer organizations.
• Capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
• Cyber defense and vulnerability assessment tools and their capabilities.
• Server administration and client operating systems engineering theories, concepts, and methods.
• System software and organizational design standards, policies, and authorized approaches (e.g., international organization for standardization [iso] guidelines) relating to system design.
• System life cycle management principles, including software security and usability.
• Completed Bachelor’s degree from an accredited university, preferably in an IT related field.
• Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
• One or more of the following: CISSP, CISM, or equivalent senior industry recognized cybersecurity certification.
• 5 to 10 years of hands-on work experience with Assessor (SCA) duties; p erforming systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful security authorization of such systems.

Responsibilities

• Determines enterprise information assurance and security standards.
• Develops and implements information assurance/security standards and procedures.
• Coordinates, develops, and evaluates security programs for an organization.
• Recommends information assurance/security solutions to support customers’ requirements.
• Identifies, reports, and resolves security violations.
• Supports customers at the highest levels in the development and implementation of doctrine and policies.
• Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Provides integration and implementation of the computer system security solution.
• Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
• Ensures that all information systems are functional and secure.

Benefits

• Our people make Coalfire Federal great.
• We work together on interesting things and achieve exceptional results.
• We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.
• Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets.
• Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities.
• You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.
• You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.