Senior Security Specialist, Information Assurance
November 4
Description
• Support in identifying cybersecurity deficiencies in information systems by performing technical assessments. • Manage Assessment Standard Operating Procedures and Testing Templates. • Develop testing artifacts for each system to include technical assessment plan and documentation. • Conduct assessments through review of security documentation, vulnerability scan results, and audit logs. • Document the results of technical assessments in the draft Security Assessment Report (SAR). • Produce Final SAR within 5 business days after assessment exit conference. • Collect and securely store all final materials and media submitted by the system test team according to the SOP.
Requirements
• At least 4 years of NIST Security Control Assessor (SCA) experience. • Must have led Assessment teams from planning through execution and finalization an of assessment. • Capable of performing in a fast-paced environment. • Strong communication skills both verbally and in written form. • Mastery of control assessment requirements based on the NIST 800-53A. • Technical expertise in assessing environments such as but not limited to Applications, Operating Systems, Databases, Appliances, Cloud Environments, and Physical environments to validate a full deployment of a defense in depth strategy. • In depth understanding on how to read Nessus scan reports and identifying security vulnerabilities, configuration settings, and security compliance. • Proficient technical writing skills developing control findings, detailed assessment reports, technical requests for the system engineers, and other security assessment documentation. • Extensive experience conducting assessment interviews of system engineers, administrators, and other support personnel including demonstrations to accurately validate system configurations. • Work well within and leading teams with a positive attitude and can solve problems without supervision. • Deep knowledge of Security Control testing and validation on both technical and policy areas. • CSAM experience. • Working knowledge of DHS 4300 Policy. • At least 1 year of Splunk experience or Splunk certification.
Apply NowSimilar Jobs
November 4
Linqto
51 - 200
InfoSec Engineer at Linqto ensuring data security and IT infrastructure protection.
November 3
Great Plains Communications
201 - 500
Lead cybersecurity strategy at Great Plains Communications.
November 3
Site Security Auditor at ISE for vendor audits in media and entertainment.
November 3
Forum Ventures
51 - 200
Lead a new venture solving challenges in voice AI for Forum Ventures.