Security Controls Assessor - Senior
Washington, DC, United States
Agil3Tech (Agil3 Technology Solutions)
Company Description
A3T (Agil3 Technology Solutions, LLC), one of the fastest growing U.S. companies, specializes in Cybersecurity Operations, IT/Digital Modernization, Emerging Technology, and Professional Services. Join A3T and watch your career soar!
A3T is seeking an experienced Security Controls Assessor to support our critical customer mission. If you are experienced, hard-working and dedicated, apply today!
Job Description
A3T is seeking a senior-level Security Controls Assessor (SCA) to support our DHS critical customer mission. Our contractor team supports the Chief Information Security Officer (CISO) by facilitating Federal Information Security Modernization Act (FISMA) compliance for all customer IT systems. Compliance support, including testing and engineering services, will ensure that all Information Systems Security Officers (ISSOs) have the necessary information throughout the life cycle of each system. The SCA will be responsible for audits of complex information systems, platforms, and operating procedures in accordance with established government standards for efficiency, accuracy and security.
Partial telework may be authorized based on government approval.
Duties and Responsibilities:
- Evaluates IT infrastructure in terms of risk to the organization and establishes controls to mitigate loss
- Determines and recommends improvements in current risk management controls and implementation of system changes or upgrades
- Develops information systems auditing procedures and trains staff on compliance guidelines
- Monitors procedures and provides top management with reports
- Oversees the Plan of Action and Milestones (POA&M) process.
- Conducts vulnerability assessments and penetration testing for all IT systems
- Performs static code reviews and analysis on software programs
- Oversees a team of IT auditors, testers, and administrators responsible for compliance services
Core Competencies:
- Knowledge of National Institute of Standards and Technology (NIST) publications applicable to FISMA and other directives.
- Knowledge of continuous monitoring initiatives and encryption standards
- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
Qualifications
- U.S. citizen and ability to obtain DHS suitability for Public Trust (government security clearance desired for reciprocity)
- Seven or more (7+) years of IT security assessment experience
- CISSP or CISM
- CAP or CASP or CISA certifications
- (Desired) Bachelor’s degree from an accredited college or university in Cybersecurity, or related IT discipline
Additional Information
Agil3 Technology Solutions (A3T) offers a competitive benefits package to include: paid holidays, paid time off, medical, dental, vision, 401K, company paid long and short term disability and life insurance, referral bonuses, education/certification reimbursement program, and more.
It is the policy of A3T to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations.
A3T maintains a drug-free workplace and performs pre-employment substance abuse testing to include background checks.
Tags: Application security Audits CASP+ CISA CISM CISSP Clearance Compliance Encryption FISMA IT infrastructure Monitoring NIST Pentesting Risk management Scripting Security assessment Security Clearance SOAR SQL Vulnerabilities XSS
Perks/benefits: 401(k) matching Health care Insurance