    Risk Assessor - Arlington, United States - Zermount, Inc.

    Description
    RISK ASSESSOR, MID.

    MILITARY FRIENDLY & PREFERRED - HOH SPONSOR

    Zermount Inc. is seeking a Mid Risk Assessor who will be responsible for preparing for risk assessments (RA), conducting RA, developing reports, and providing solutions to mitigate risk. Conduct assessments of systems, technologies, designs, configurations, and capabilities to identify the potential adverse impacts to the client's mission, operations, systems, and data. Responsible for providing leadership with the information needed to determine appropriate courses of action in response to identified risks and to make data-driven decisions. Conduct assessments to assist the organization in identifying and modifying its overall security posture and to enable security, operations, organizational management, and other personnel to collaborate and view the entire organization from an attacker's perspective. Assist leadership with determining the value of the various types of data generated and stored across the organization and ensuring it is properly protected. You will be providing a critical service to measure the client's security posture and validate that it is compliant with federal requirements, laws, directives, standards, guidelines, and industry best practices.

    Design, develop, engineer, and implement Cybersecurity solutions as mandated by the Clinger-Cohen Act. Perform complex risk assessments. Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. Support customers at the highest levels in the development and implementation of doctrine and policies. Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. Perform analysis, design, and development of security features to support system architecture.

    Duties & Responsibilities:
    • Assess all applicable security controls defined in the mandated DHS Compliance tool and applicable to the systems under their purview.
    • Complete System Categorization (FIPS-199), Privacy Threshold Analysis (PTA), E-Authorization, Contingency Plans (CPs), Contingency Plan Tests, Security Plans.
    • Review Nessus scan reports and collaborate with system security engineers, ISSOs and System Owners as needed.
    • Develop the Security Assessment (SA) package documentation to include Security Assessment Plans (SAP), Security Assessment Reports (SAR), ATO Letters, ATO Recommendation Memo, Risk Assessment Memos, CFO Designation Memos, POA&M finding matrices, Executive Data Sheet (EDS), OA artifacts, etc.
    • Gather evidence for ATO efforts and store results in the mandated DHS Compliance Tool and/or in a separate customer repository.
    • Assess risk resulting from system upgrades and provide recommendations on handling the potential impact of the change, using assigned tools to track the system changes.
    • Provide recommendations for refining and/or improving existing RMF processes and procedures and support implementation of these changes.
    • In view of the remote nature of the contract, an individual Weekly Status Report and Weekly Status Reports Briefing are required deliverables for assigned tasks. Resources must be able to develop weekly status reports that are consistent and well structured, follow all assigned management template guidelines, align with the task area of support, and are relevant to the reporting period. At a minimum, the weekly status report should reflect the following:
    • Weekly work accomplished.
    • 2 weeks of ongoing and planned tasks.
    • Risks and issues impacting assigned tasks.
    • The report format will be primarily MS PowerPoint and MS Project (or other MS tools as required by the management team).
    • All Deliverables shall be at a level of accuracy that does not require "return for correction" for typographical and grammatical errors. (Repetitive requests for correction by the management or Government team may result in a determination of failing to meet the basic standards for professional writing, reporting, accuracy, quality, and completeness of the contractual requirements for deliverables.)
    • Must have the ability to prepare to present, brief, and explain all information captured in the weekly status report to management and/or the government client.
    Basic Responsibilities: Analyze IT specifications to assess security risks. Design and implement safety measures and data recovery plans. Secure networks.

    Inspect customers' systems for vulnerable points of access. Monitor network activities and communicate them to teams.

    Qualifications:
    • Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
    • Technical knowledge of IT systems.
    • Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc.
    • Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers.
    • Proven experience as a system engineer who later moved to Security engineering roles.
    • Programming skills such as .NET, PHP, MySQL, CSS, JSON, JavaScript, C/C++ are preferred.
    • In-depth knowledge of NIST 800 Series such as 800-37, 800-30, 800-53A, Circular A-130, FIPS 140-2.
    • Knowledge of patch management, firewalls and intrusion detection/prevention systems.
    • Familiarity with public key infrastructure (PKI) and cryptographic protocols, e.g. SSL/TLS.
    • An analytical mind with excellent problem-solving ability.
    • Outstanding communication and organization skills.
    • Decision-making skills.
    Education: Bachelor's degree preferred. Professional experience: minimum of 5 years of IT / Cybersecurity experience, including direct support of the US government, and 3 years as an ISSO, assessor, engineer, or compliance analyst; 7 years if the candidate does not have a bachelor's degree.

    A relevant Bachelor's degree in IT, Computer Science or engineering with 5 years of IT cybersecurity experience, including direct support for the US Government, and 4 years acting as an ISSO, assessor, or compliance analyst.

    Certifications and Training (Required): At least one of the following security certifications:
    • Certified Authorization Professional (CAP)
    • Certified Information Systems Security Officer (CISSO)
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Security Professional (CISSP)
    Clearance level: Must have at least a Secret Level Security Clearance.

    Work Location:
    • Remote
    Hours of Operation:
    • Business Hours: 8:00 am EST - 4:30 pm EST.


  • Win Win Operations Washington, United States

    **ATTENTION**: YOU MUST ANSWER ALL APPLICATION QUESTIONS AND SUBMIT THE REQUIRED SUBMITTALS (IF APPLICABLE) TO BE CONSIDERED FOR THIS POSITION. · **ABOUT US** · Win Win Operations is a leading staffing firm that specializes in providing qualified professionals in various industri ...

  • Zermount, Inc

    Risk Assessor

    2 days ago


    Zermount, Inc Arlington, United States

    Job Description · SENIOR RISK ASSESSOR · MILITARY FRIENDLY & PREFERRED - HOH SPONSOR · The Senior Risk Assessor's role is to design, develop, engineer, and implement solutions. Perform complex risk analyses which also include risk assessment. This position will als ...

  • Booz Allen Hamilton

    Cyber Risk Assessor

    1 week ago


    Booz Allen Hamilton Arlington, United States Full time

    Job Number: R0194327 · Cyber Risk Assessor · The Opportunity: · Warnings about cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this "cyber noise," how can these organiza ...


  • AECOM Germantown, United States

    **Company Description** · **Work with Us. Change the World.** · At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world' ...


  • Parsons Corporation Centreville, United States

    In a world of possibilities, pursue one with endless opportunities. Imagine Next · When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace ...


  • System High Corporation Arlington, United States

    **Position Overview** · The Security Control Assessor must fulfill a variety of cybersecurity functions, to include: System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology (PIT) ...


  • Credence Management Solutions, LLC Arlington, United States

    Overview: · The Information Systems Security Manager (ISSM) is responsible for implementing and overseeing cyber hygiene for all refugee operational activities within the Refugee Processing Center (RPC). Reporting directly to the Project Manager and Deputy Project Manager for the ...


  • Zermount Inc Arlington, United States

    **Security Control Assessor Team Lead**: · **MILITARY FRIENDLY & PREFERRED - HOH SPONSOR**: · **Summary** · Zermount Inc. is seeking a Security Control Assessor Team Lead who will play a vital role in leading multiple teams on large projects. The System Security Assessment Team L ...

  • US Office of the Chief of Staff of the Army

    IT Specialist

    5 hours ago


    US Office of the Chief of Staff of the Army Arlington, United States

    **Duties**: · - Serves as an Information Technology (IT) Control Assessor (CA). · - Functions as Control Assessor (CA) providing analytical and technical advice/guidance to support decisions in the areas of Cybersecurity. · - Assists with integrating Assessment and Authorization ...

  • Educology Solutions

    Security Assessor

    1 week ago


    Educology Solutions Washington, United States

    ESI is seeking a security assessor to assist our customer in conducting independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determin ...


  • Bering Straits Native Corporation (BSNC) Washington, United States

    Overview: · **SUMMARY** · Bering Global Solutions, LLC, a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Security Control Assessor, Lead for a government client in Washington, DC. The selected individual will guide system owners, designated IT se ...


  • ShorePoint Washington, United States

    **Who we are**: · ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint sub ...


  • Modern Technology Solutions, Inc. Washington, United States

    Own Your Future. · Modern Technology Solutions, Inc. (MTSI) is seeking a **Security Control Assessor (SCA) II** to join our team. · **Why is MTSI known as a Great Place to Work?** · - ** Interesting Work**: Our co-workers support some of the most important and critical programs t ...


  • Goldbelt, Inc. Washington, United States

    Overview: · Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level ...


  • Cyber Guardian Threat Solutions LLC Washington, United States

    Job Summary: · **Requirements**: · - CISSP Certification is highly desired · - Five (5) years of experience in performing ISSO role and duties in support of the Federal Government. · - Knowledge of Federal Government Security Assessment and Authorization (SA&A) or Governance Risk ...


  • Syneren Technologies Corporation Vienna, United States

    **Job Title**: Telecom Security Control Assessor (Remote/Hybrid) · Syneren is seeking an experienced Telecom Security Control Assessor. · **Responsibilities**: · - 10+ years of experience in Information Security. · - 5+ years of experience with security control assessment methodo ...