1948 - Security Control Assessment SME
Procession Systems
Reston, VA, US
Remote
Full-time
GENERAL DUTIES :
- Serve as the security control assessment (SCA) subject matter expert (SME), providing guidance and responding to SCA team questions to complete daily tasks, and troubleshoot issues to resolution.
- Responsible for managing the day-to-day operations of the SCA team to assess the severity of weaknesses or deficiencies discovered in the client's information systems and its environment of operation and recommend corrective actions to address identified vulnerabilities.
- Responsible for overall coordination, status reporting, and stability of complex and cross-functional IT project-oriented work efforts.
- Establish and implement project management processes and methodologies to ensure all projects are delivered on time, within budget, adhere to high quality standards, and meet customer expectations.
- Responsible for tracking key project milestones, adjusting program plans or resources, delivering presentations, and leading client meetings.
REQUIRED QUALIFICATIONS :
- 7+ years of experience in information assurance, cyber security, or information technology
- Experience assessing security controls based on cybersecurity principles and tenets, including, CIS CSC or NIST SP 800-53 Cybersecurity Framework
- Experience performing security impact and risk assessments
- Experience in preparing and containing results and findings from SAR reports
- Knowledge of computer networking concepts and protocols, network security methodologies, risk management processes, including methods for assessing and mitigating risk, cybersecurity and privacy principles, cyber threats and vulnerabilities, and application vulnerabilities
- Knowledge of authentication, authorization, performing risk assessments, and access control methods
- Knowledge of NIST SP 800-53 and NIST 800-137
- Bachelor's degree
- Certified Information Systems Security Professional (CISSP) Certification
- Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information
DESIRED QUALIFICATIONS :
- Experience conducting vulnerability scans and recognizing vulnerabilities in security systems
- Experience interpreting vulnerability scanner results to identify vulnerabilities
- Knowledge of communication methods, principles, and concepts that support the network infrastructure
CLERANCE :
- Secret minimum
29 days ago