Security Control Assessor (SCA)
Maximus
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7 What you will do:
• Monitor and evaluate system compliance with information technology (IT) security, resilience, and dependability requirements• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy• Experience with assessing cloud-based security authorizations (FedRamp, AWS & Azure) as well as the NIST control responsibilities• Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations• Draft Security Assessment Reports (SAR) based on the findings from the system assessment• Provide expert security advice and recommendations to manage identified risks• Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies
Required Skills:• Candidates must possess an active TS/SCI clearance• A Bachelor's degree is required for this position. 4 years of relevant work experience may be considered in lieu of the degree requirement. An Associate's degree and 2 years of relevant work experience may also be considered in lieu of the degree requirement• 7+ years of experience working with Risk Management Framework (RMF).• 7+ years of experience as a cyber security assessor and/or ISSO• Must meet 8140 baseline certification requirements (CISSP, CCNA, CySA+, GISCP, Sec+CE, CND, SSCP etc.)• 7+ years of experience with the following tools: SCAP, ACAS, Vulnerator, HBSS, eMASS• Excellent written and verbal communication skills• 7+ years of experience understanding DISA STIG Security configuration baselines.
• Monitor and evaluate system compliance with information technology (IT) security, resilience, and dependability requirements• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy• Experience with assessing cloud-based security authorizations (FedRamp, AWS & Azure) as well as the NIST control responsibilities• Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations• Draft Security Assessment Reports (SAR) based on the findings from the system assessment• Provide expert security advice and recommendations to manage identified risks• Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies
Required Skills:• Candidates must possess an active TS/SCI clearance• A Bachelor's degree is required for this position. 4 years of relevant work experience may be considered in lieu of the degree requirement. An Associate's degree and 2 years of relevant work experience may also be considered in lieu of the degree requirement• 7+ years of experience working with Risk Management Framework (RMF).• 7+ years of experience as a cyber security assessor and/or ISSO• Must meet 8140 baseline certification requirements (CISSP, CCNA, CySA+, GISCP, Sec+CE, CND, SSCP etc.)• 7+ years of experience with the following tools: SCAP, ACAS, Vulnerator, HBSS, eMASS• Excellent written and verbal communication skills• 7+ years of experience understanding DISA STIG Security configuration baselines.
Desired Skills:
· Knowledge and experience performing network security vulnerability assessments
Confirm your E-mail: Send Email
All Jobs from Maximus