TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role involves conducting comprehensive assessments, identifying vulnerabilities and security risks, and working with IT and development teams to recommend and validate remediation strategies. The ideal candidate possesses a deep understanding of cybersecurity principles, risk management frameworks, and the ability to communicate complex information clearly to technical and non-technical stakeholders.
Key Responsibilities
· Conduct Security Assessments: Perform in-depth evaluations and testing of management, operational, and technical security controls across various systems, networks, and software applications.
· Identify Vulnerabilities and Risks: Utilize assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document findings, and assess the severity of risk.
· Documentation and Reporting: Prepare detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms), for identified weaknesses and deficiencies.
· Ensure Compliance: Verify and validate that systems and processes meet established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP).
· Remediation and Collaboration: Collaborate with system owners, IT teams, and developers to recommend corrective actions, provide guidance on secure practices, and ensure the proper implementation of mitigation strategies.
· Continuous Monitoring: Support the development and implementation of a continuous monitoring strategy and assess proposed changes to information systems that could affect their security posture.
Stay Current: Monitor and analyze security trends, threats, and new technologies to stay updated on emerging risks and mitigation techniques.
Requirements
· Education: A Bachelor's degree in Computer Science, Information Security, Information Systems, or a related field, or equivalent work experience.
· Experience: A minimum of 3-5 years of experience in cybersecurity, risk management, or security assessment/auditing roles.
· Technical Knowledge: Strong knowledge of cybersecurity principles, network protocols, operating systems, and web application security.
· Frameworks and Guidelines: In-depth understanding and practical experience with security frameworks and guidelines such as the NIST 800-series (e.g., RMF, NIST 800-53/53A, FIPS), ISO 27001, or similar.
· Assessment Tools: Proficiency in using security assessment and vulnerability scanning tools (e.g., Nessus, Burp Suite, OWASP ZAP).
· Analytical Skills: Excellent problem-solving, analytical, and critical thinking skills with strong attention to detail.
· Communication: Strong written and verbal communication skills to prepare reports, present findings, and advise diverse stakeholders effectively.
Preferred Certifications
· Certified Information Systems Security Professional (CISSP)
· Certified Information Security Manager (CISM)
· Certified Authorization Professional (CAP)
· Certified Information Systems Auditor (CISA)
· Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) (if applicable to the specific role's focus on penetration testing)
Qualified Security Assessor (QSA) (for roles specifically focused on PCI DSS compliance).
Benefits
At TLA, we build solutions that matter—supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission-focused outcomes for our customers.
We offer a competitive and comprehensive benefits package including:
TLA is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Security Assessor • McLean, VA, US
We are looking for a motivated and detail-oriented professional to join our client's team in the education sector.In this role, you will contribute to managing test security investigations, ensurin... Show more
Location: Remote (closest to EST).Mode: This is a true, temporary assignment covering peak time (test administration and a leave).Duration: Start ASAP- ending late August timeframe; regular busines... Show more
Join The Johnson Controls Team.Build your best future with the Johnson Controls team.As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of b... Show more
The Asset Protection Specialist is primarily responsible for preventing financial loss caused by theft and fraud and supporting safety and environmental program compliance in their assigned store/m... Show more
Army Information Systems Security Engineer (ISSE).Salaried High Fringe/Full-Time.LMI, a consultancy dedicated to supporting government transformation and readiness, is seeking a skilled Information... Show more
Allied Universal, North America's leading security and facility services company, offers rewarding careers that provide you a sense of purpose.While working in a dynamic, welcoming, and collaborati... Show more
Technology and Business consulting services.We are in search of a highly motivated candidate to join our talented team.Specific responsibilities include:.The job requires a Bilingual - TPRM Assesso... Show more
Senior Security Program Protection Specialist.Springfield, VA Top Secret CI Polygraph Career Level not specified $135,000 - $153,000.Job Status: Position is funded/active contingent upon acceptance... Show more
Job Title: Security & Law Enforcement (Master-at-Arms).Category / Component: Enlisted • Active.Master-at-Arms (MA) Sailors provide the Navy's core security, antiterrorism, and law enforcement capa... Show more
Must be able to work a W2 and be eligible to obtain a Public Trust*.Previously have worked in government / federal space is strongly preferred.Sitting in Eastern Time Zone is strongly preferred, ca... Show more
A place to share your ideas freely - even if they're daring or different.Where the true you can learn, grow, and thrive.At Verizon, we power and empower how people live, work and play by connecting... Show more
Guidehouse SkillBridge Fellowship Program.The Guidehouse SkillBridge Fellowship Program staffs fellows on real world projects, showcasing the Guidehouse culture, and providing them with a meaningfu... Show more
Defense Mission Expert The Opportunity: To keep pace with emerging technology and a challenging security environment, organizations need help looking at their operations from the outside.Whether ... Show more
Amazon Web Services (AWS) serves customers and developers who rely on storage, compute, and our other service capabilities.Our customers trust us to handle their data with air-tight security measur... Show more
Allied Universal, North America's leading security and facility services company, offers rewarding careers that provide you a sense of purpose.While working in a dynamic, welcoming, and collaborati... Show more
Information System Security Manager (ISSM).The successful candidate will provide oversight and enforcement of Department of War policies and procedures in order to maintain a holistic security appr... Show more
Program Security Representative.QinetiQ US is seeking a Program Security Representative to support a Research, Development, Test & Evaluation (RDT&E) Department of War client in Chantilly, VA.The h... Show more
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come.Our pioneering and i... Show more
Konica Minolta Business Solutions, provides the highest level of Electronic Security including Intrusion Detection, Access Control and IP Video Surveillance technology.Conduct security assessments ... Show more
Information Security Architect.This is a hybrid role for 6 months with a possible extension for another year.The ideal candidate has a development background and is transitioning into security arch... Show more
