Security Control Assessor - Jobs via Dice : Job Details
Security Control Assessor
Jobs via DiceJob Location : Washington,DC, USA
1 week ago Be among the first 25 applicants
Description: Business Operational Concepts (BOC) is a recognized leader in providing Technical and Program Management Services, Information Technology, and Support. BOC has enabled their Government and Commercial clients to achieve their organizational initiatives through the application of high quality, innovative, and cost-effective professional services and solutions. We provide a positive working environment, with opportunities for advancement in our growing Federal sector workforce. We offer an excellent compensation package which includes a generous salary, insurance (medical, dental, etc.), paid leave, 401k plan and more. We are committed to the diversity we bring to the marketplace and believe customer satisfaction comes first. JOB SUMMARY: Business Operational Concepts (BOC) is currently seeking a Security Control Assessor to work with our government client. The selected candidate will conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by the clients IT system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37 and NIST SP 800-53a). DUTIES AND RESPONSIBILITIES:
- Provide expert security advice and recommendations to manage identified risks.
- Plan, develop, and conduct security testing of management, operational, and technical controls. Analyze and assess results based on risk to clients information systems.
- Participate in internal and external reviews, inspections, and audits to ensure compliance with federal laws and clients security policy.
- Conduct risk assessments to identify and mitigate risk to IT systems, facilities, and critical assets.
- Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies.
- Create Security Assessment Reports and deliver test results to system stakeholders. Provide expert security advice and recommendations to manage identified risks.
- Basic level understanding of basic computer and networking technologies
- TCP/IP stack
- Windows operating systems
- Linux/Unix-based operating systems
- Networking technologies (routing, switching, VLANs, subnets, firewalls)
- Common networking protocols SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc.
- Common enterprise technologies Active Directory, Group Policy, VMware vSphere
- Moderate level understanding of IT security principles, technologies, best practices, and NIST guidance
- Logical Access Control
- PKI and other encryption methods
- DISA STIG Security configuration baselines
- Auditing
- Vulnerability discovery and management
- NIST SP 800-53 rev. 4 control
- Excellent communications skills. Ability to communicate with senior management and federal client staff both technical and non-technical in a clear and concise manner using proper spelling, punctuation and grammar.
- Mastery of federal IT security laws such as the Federal Information Security Management Act (FISMA), policies, regulations, requirements, Executive Orders and Presidential Decision Directives such as EO 13556, HSPD12, OMB Memos M-06-16, and M-07-16; NIST 800 series, the federal IT security and incident reporting hierarchy.
- Knowledge and experience in categorizing systems per current NIST guidelines, defining system boundaries and identifying minimum and supplementary security controls to protect sensitive and critical IT systems.
- Knowledge and experience with the Risk Management Framework (RMF), Assessment and Authorization (A&A), SSP Development, and conducting audits of security controls.
- Knowledge and experience protecting the confidentiality, integrity and available of sensitive and critical information systems
- Knowledge and experience performing network security vulnerability assessments.
- Knowledge and experience with all areas of the System Development Lifecycle (SDLC) of IT systems.
- Minimum of 2+ years of experience as a cyber security assessor and/or ISSO
- Bachelors Degree or higher in information technology or information security-related field
- Interest in security/hacking culture. Ability to think like an attacker
- Some proficiency in Cloud Computing Offerings (Cloud Systems, SaaS, IaaS, PaaS).
- Familiarity with Cloud Service Providers (CSPs) and basic cloud deployment models
- Certifications of interest:
- Security+
- Certified Authorization Professional (CAP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Microsoft Certified Solutions Associate (MCSA)
- Red Hat Certified System Administrator (RHCSA)
- Certified Ethical Hacker (CEH)
- Seniority level Entry level
- Employment type Full-time
- Job function Other, Information Technology, and Management
- Industries Software Development
Referrals increase your chances of interviewing at Jobs via Dice by 2x
Get notified about new Security Coordinator jobs in Washington, DC.
Washington, DC $69,923.00-$109,975.00 2 days ago
District of Columbia, United States 1 month ago
District of Columbia, United States 2 months ago
District of Columbia, United States 1 week ago
Personnel Security Specialist Entry Level (TS/SSBI)Washington, DC $50,000.00-$100,000.00 3 months ago
Personnel Security Specialist Mid-Level (TS/SSBI) Physical and Personnel Security Specialist Cybersecurity Coordinator (management analyst) Corporate Security Manager - Washington DC Metro LeadArlington, VA $94,400.00-$224,600.00 1 week ago
District of Columbia, United States 3 months ago
Security Supervisor - The Willard InterContinental Washington Security Professionals Join the CruxShield NetworkWashington, DC $85,000.00-$110,000.00 1 day ago
Professional Security Officer DC (60715) Security & Event Safety Operations ManagerWashington, DC $75,000.00-$80,000.00 1 month ago
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr