Security Control Assessor with Security Clearance
Security Control AssessorSeniorBethesda, MD15-013 Bachelor's degree in computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related disciplineo Four years of additional demonstrated work experience in Security Control Assessor (SCA) and Defensive Cyber Operations (DCO)Testing will be accepted in lieu of a bachelor's degreeo A Master's degree in an applicable discipline be substituted for three years of demonstrated work experience o Three (3) years of cybersecurity experience with at least one year of experience conducting SCAs under ICD 503/CNSSI 1253 NIST Cybersecurity Framework, Risk Management Framework (RMF), or a similar frameworko One full year of SCA experiences within the last three calendar yearso One full year supporting cloud environment and experience performing security assessments in a cloud environment (AWS, Google, IBM, Azure, and Oracle)o Must meet Department of Defense (DOD) 8570.
01-M baseline certification requirement for Information Assurances Technical (IAT) Level III CASP+CE, CCNP Security, CISA, or CISSP or Associate, GCED, GCIH, or CCSPo Knowledge of Independent Verification & Validation (IV&V) of security controlso Knowledge of general attack strategies (e.
g.
, MITRE ATT&CK Framework)o Knowledge of NISPOM, ICD 503, NIST SP 800-53, ICD 705, and other ICDs as appropriateo Skill in conducting vulnerability scans and recognizing vulnerability in security systems (e.
g.
, Cloud Environments) ASW, Google, IBM, Azure, and OracleOther Requirements:
o Make recommendations to the IC CISO or designee for improving TTPS for better cyber threat protectiono Knowledge of system and application security threats and vulnerabilitieso Knowledge of network access, identity, and access management e.
gpublic key infrastructure (PKI)o Knowledge of network protocols such as Transition Control Protocol/Internet Protocol (TCP/IP), Dynamic Host Configuration, Domain Name System (DNS), and directory Serviceso Ability to assess the robustness of security systems and designso Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)o Three years of experience performing security assessments in a cloud computing environmento Strong writing skillso Write final reports and defend all findings, including risk or vulnerability, mitigation strategies, and referenceso Report vulnerabilities identified during security assessmentso Write penetration testing Rules of Engagement (ROE), Test Plans, and Standard Operating Procedures (SOP)o Conducted security reviews, technical research and provided reporting to increase security defense mechanismso Travel Domestic and International Travel 0-25%.
Recommended Skills Application Security Assessments Certified Information Security Manager Certified Information Systems Security Professional Cisco Certified Network Professional Cisco Certified Security Professional Apply to this job.
Think you're the perfect candidate? Apply on company site Estimated Salary: $20 to $28 per hour based on qualifications.
01-M baseline certification requirement for Information Assurances Technical (IAT) Level III CASP+CE, CCNP Security, CISA, or CISSP or Associate, GCED, GCIH, or CCSPo Knowledge of Independent Verification & Validation (IV&V) of security controlso Knowledge of general attack strategies (e.
g.
, MITRE ATT&CK Framework)o Knowledge of NISPOM, ICD 503, NIST SP 800-53, ICD 705, and other ICDs as appropriateo Skill in conducting vulnerability scans and recognizing vulnerability in security systems (e.
g.
, Cloud Environments) ASW, Google, IBM, Azure, and OracleOther Requirements:
o Make recommendations to the IC CISO or designee for improving TTPS for better cyber threat protectiono Knowledge of system and application security threats and vulnerabilitieso Knowledge of network access, identity, and access management e.
gpublic key infrastructure (PKI)o Knowledge of network protocols such as Transition Control Protocol/Internet Protocol (TCP/IP), Dynamic Host Configuration, Domain Name System (DNS), and directory Serviceso Ability to assess the robustness of security systems and designso Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)o Three years of experience performing security assessments in a cloud computing environmento Strong writing skillso Write final reports and defend all findings, including risk or vulnerability, mitigation strategies, and referenceso Report vulnerabilities identified during security assessmentso Write penetration testing Rules of Engagement (ROE), Test Plans, and Standard Operating Procedures (SOP)o Conducted security reviews, technical research and provided reporting to increase security defense mechanismso Travel Domestic and International Travel 0-25%.
Recommended Skills Application Security Assessments Certified Information Security Manager Certified Information Systems Security Professional Cisco Certified Network Professional Cisco Certified Security Professional Apply to this job.
Think you're the perfect candidate? Apply on company site Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
