Security Control Assessor
Evolver Federal • Washington, DC, USA
Job type: Full-time

Evolver is looking for a Security Control Assessor to join our team supporting our federal client in Washington, DC. This position requires on-site work 5 days/week at our federal client's HQ located in Washington, DC.

The Security Control Assessor is responsible for providing independent security control testing to the client for 20 FIPS Moderate and Low systems. Duties include conducting security control assessments through interviews, examination, and/or testing for all applicable management, operational, and technical controls, including analyzing findings and results and validating test results/reports. Duties also include developing Security Control Assessment Plans, Risk Assessment Reports, and ATO Memos, as well as developing and maintaining testing policies and related Standard Operating Procedures (SOPs). The Security Control Assessor is also responsible for documenting and presenting the results of the Security Test & Evaluation (ST&E) to government stakeholders including System Owners, ISSOs, the CISO and Authorizing Official. Responsibilities also include reviewing artifacts and providing recommendations on POA&M closures.

Responsibilities

  • Conduct security testing in accordance with NIST SP 800-53A.
  • Develop Security Controls Assessment Plans, including:
      • Interviewing, examining, and/or testing management, operational, and technical controls.
      • Gathering evidence for tested controls.
      • Summarizing testing results, highlighting high/moderate risk items and compliance percentages.
      • Documenting results within the Security Controls Assessment Plan.
      • Analyzing and summarizing scan results, utilizing scans provided by the cloud environment.
  • Assist in updating the client's IT Security Program policies and procedures.
  • Provide timely reminders to Agency ISSOs to support Continuous Monitoring efforts.
  • Assist in launching the client's Configuration Management program, including compliance testing and guidance on implementing DISA's Security Technical Implementation Guides (STIGs).
  • Produce Security Assessment Reports (SAR) using the Agency's Information Assurance tool.
  • Evaluate the risk of SAR findings from security testing and summarize them into Plan of Action and Milestone (POA&M) tracking documentation.
  • Track the progress of the IT Risk Management program through POA&M updates and/or data submission to the Agency's Office of Risk Management.
  • Review supporting artifacts, evaluate remediation of risk, and recommend POA&M closure.

Basic Qualifications

  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • 4 years of experience in conducting security testing in accordance with NIST SP 800-53A.
  • 4 years of experience creating POA&Ms in the CSAM tool.
  • 2 years of experience with NIST SP 800-53A and security control assessment methodologies.
  • 2 years of experience with security program management, including policy and procedure development, Continuous Monitoring, and risk management.
  • US Citizen with the ability to pass a comprehensive background check.
  • 2 years of previous client-engagement experience.

Preferred Qualifications

  • Strong analytical skills and ability to quantify and analyze test findings.
  • Knowledge of security tools and techniques, including scanning tools.
  • Understanding of cloud environments and related security implications.
  • Excellent communication (verbal and written) and collaboration skills, with the ability to work effectively with security staff and Agency ISSOs.
  • Impeccable work ethic, the ability to make sound decisions, and a commitment to integrity and accountability.
  • Excellent organizational skills and attention to detail.
  • Strong analytical, critical thinking, and problem-solving skills.
  • Ability to function well in a high-paced and at times stressful environment.
  • Ability to prioritize tasks.
  • Proficient with Microsoft Office Suite; specifically, Excel, Word, and Outlook a must.
  • One or more of the following certifications preferred: CISSP, CAP, CISM, Security+, CASP, CISA.

Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law.

Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.

Job Posted by ApplicantPro
