TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role involves conducting comprehensive assessments, identifying vulnerabilities and security risks, and working with IT and development teams to recommend and validate remediation strategies. The ideal candidate possesses a deep understanding of cybersecurity principles, risk management frameworks, and the ability to communicate complex information clearly to technical and non-technical stakeholders.
Key Responsibilities
· Conduct Security Assessments: Perform in-depth evaluations and testing of management, operational, and technical security controls across various systems, networks, and software applications.
· Identify Vulnerabilities and Risks: Utilize assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document findings, and assess the severity of risk.
· Documentation and Reporting: Prepare detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms), for identified weaknesses and deficiencies.
· Ensure Compliance: Verify and validate that systems and processes meet established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP).
· Remediation and Collaboration: Collaborate with system owners, IT teams, and developers to recommend corrective actions, provide guidance on secure practices, and ensure the proper implementation of mitigation strategies.
· Continuous Monitoring: Support the development and implementation of a continuous monitoring strategy and assess proposed changes to information systems that could affect their security posture.
Stay Current: Monitor and analyze security trends, threats, and new technologies to stay updated on emerging risks and mitigation techniques.
Requirements
· Education: A Bachelor's degree in Computer Science, Information Security, Information Systems, or a related field, or equivalent work experience.
· Experience: A minimum of 3-5 years of experience in cybersecurity, risk management, or security assessment/auditing roles.
· Technical Knowledge: Strong knowledge of cybersecurity principles, network protocols, operating systems, and web application security.
· Frameworks and Guidelines: In-depth understanding and practical experience with security frameworks and guidelines such as the NIST 800-series (e.g., RMF, NIST 800-53/53A, FIPS), ISO 27001, or similar.
· Assessment Tools: Proficiency in using security assessment and vulnerability scanning tools (e.g., Nessus, Burp Suite, OWASP ZAP).
· Analytical Skills: Excellent problem-solving, analytical, and critical thinking skills with strong attention to detail.
· Communication: Strong written and verbal communication skills to prepare reports, present findings, and advise diverse stakeholders effectively.
Preferred Certifications
· Certified Information Systems Security Professional (CISSP)
· Certified Information Security Manager (CISM)
· Certified Authorization Professional (CAP)
· Certified Information Systems Auditor (CISA)
· Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) (if applicable to the specific role's focus on penetration testing)
Qualified Security Assessor (QSA) (for roles specifically focused on PCI DSS compliance).
Benefits
At TLA, we build solutions that matter—supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission-focused outcomes for our customers.
We offer a competitive and comprehensive benefits package including:
TLA is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Security Assessor • McLean, VA, United States
Minimum Qualifications:Bachelor's degree in Cybersecurity, Information Technology, a related technical field, or equivalent practical experience.SOC environment or information security role.Experie...Mostrar más
Location: Remote (closest to EST).Project Profile: Experience service/analytics person who has proven experience in investigations, compliance, test security, fraud prevention, risk management, or ...Mostrar más
Security Program Protection Specialist.Culmen International is hiring a Security Program Protection Specialist to provide support for the Research Directorate at the National Geospatial-Intelligenc...Mostrar más
Position Title: Security Specialist-Mid.Senior Security Specialist to provide physical and personnel security services to the Science and Technology Directorate's Office of Space and Counterspace (...Mostrar más
Bachelor's degree or equivalent combination of education and relevant experience is required plus a minimum of 5 years of relevant experience; or Master's degree plus a minimum of 3 years of releva...Mostrar más
Technical Surveillance Countermeasures Practitioner.Responsibilities include but are not limited to:.Ensure Program Compliance and Policy Adherence: Guarantee the TSCM team's full compliance with ...Mostrar más
Assessment & Authorization (A&A) Analyst NEW Apply Location Ashburn, VA Hybrid Type Contract ID j-20221 The candidate will be responsible for evaluating key points in the System Lifecycle, such as ...Mostrar más
CONTINGENT UPON AWARD*****************************.Duties & Responsibilities:.Personnel Security Specific Responsibilities:.The Security Manager will provide policy support and technical guidance f...Mostrar más
HYBRID - 2 DAYS/WEEK - RESTON, VA.This role will join the Incident Response team who monitors and investigates suspicious activity directed at the company's information technology and engineering a...Mostrar más
Lead Security Consultant - Security Assessments.Throughout our worldwide network of experts, clients and communities, we are renowned for our leadership in fire protection engineering a legacy of r...Mostrar más
Defense Mission Expert The Opportunity: To keep pace with emerging technology and a challenging security environment, organizations need help looking at their operations from the outside.Whether es...Mostrar más
TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.Federal, State, and Local Go...Mostrar más
Armed Security Officer - Woodbridge - Immediate Start Current DCJS 01E, 05E, and 75E registration is required before first shift assignment, but not required for consideration.Prior military, law e...Mostrar más
They say that a picture is worth a thousand words, and as a Geospatial Intelligence Imagery Analyst for the Army National Guard, those words protect the lives of U.National Guard Geospatial Intelli...Mostrar más
Faculty Member, Cybersecurity/Information Technology.The Cybersecurity/Information Technology faculty position supports the Cybersecurity and Information Technology programs and strategic oper...Mostrar más
AI labs train foundational models and enterprises build AI agents.We provide frontier evaluations and reinforcement learning environments used to improve LLM capabilities, as well as contextual eva...Mostrar más
MedStar Health is seeking non-invasive cardiologists to join a mid-size, established practice of experienced cardiologists in desired Frederick County, the largest county in Maryland.Be a part of a...Mostrar más
This position is contingent upon contract award.ACAS Subject Matter Experts manage and operate DoD's enterprise vulnerability scanning capability based on Tenable Security Center and Nessus.This ro...Mostrar más
){kind=logo}
