This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
About the position
SiloSmashers is looking for a Security Assessment Team lead for the security control assessor and penetration test teams. In addition, this individual will provide compliance assessments of the severity of weaknesses or deficiencies in CISA's CSD information systems and prepare security assessment reports containing the results and findings from the assessment. The individual will serve as principal security advisor on risk matters, technical and otherwise, involving the identification and prioritization of security risk to CISA CSD information systems. This work includes examining risk analysis and mitigation security considerations and providing critical thinking when applying security controls to system design, implementation, and operation of CISA systems supporting the cybersecurity and critical infrastructure protection missions.
Responsibilities
- Assess information systems and prepare security assessment reports with over 10 years of experience.
- Perform host, network, cloud, application-based, and machine learning-based security assessments.
- Conduct comprehensive assessments of management, operational, and technical security controls.
- Create and update the master schedule of all security assessments and deliver it to the Government for approval.
- Develop standard operating procedures, security test plans, assessment schedules, and Rules of Engagement for stakeholders' assessment results and recommendations.
- Complete communication and reporting activities including assessment kickoff meetings, daily statuses, and out-brief meetings.
- Perform annual, ongoing, and ad-hoc assessments supporting the continuous monitoring strategy for all systems with an ATO.
- Collaborate with authorizing officials and/or system owners to plan security assessments as needed.
Requirements
- BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.
- 10+ years of security control assessment experience.
- 6+ years of experience with FedRamp systems (Azure, AWS, GCP).
- Effective written and oral communication skills.
- Previous Federal Government experience is a plus.
