Security Controls Assessor - Hyattsville, United States - Cyber Security Innovations

    Cyber Security Innovations Hyattsville, United States

    2 weeks ago

    Job Description

    Cyber Security Innovations (CSI) is looking for a Security Controls Assessor to join our team on an upcoming program, pending contract award. In this role, you will be part of a team of professionals responsible for Cyber Security Compliance and Assessment in support of our federal client.

    Responsibilities Include:

    • Complete annual assessments of our client's systems as defined by (but not limited to) NIST 800-37, Risk Management Framework (RMF), and FISMA. This includes control testing plus all new NIST Rev 5 controls.
    • Interpret and assess NIST Revision 5 security and privacy controls.
    • Develop an effective Security Assessment Plan (SAP).
    • Conduct an impartial assessment of system-specific, common and hybrid controls, as applicable.
    • Provide technical expertise with hardware, software, and firmware components as they relate to an accreditation boundary.
    • Complete the Security Assessment Report and remediation actions.
    • Create and update system documents including Privacy Impact Assessment (PIA), Privacy Threshold Analysis (PTA), System of Records Notices (SORNs), Rules of Engagement, System Security Plans (SSP), Risk-Threat Pairing, Residual Risk and Risk Assessment Results Reports, Plans of Action and Milestones (POA&Ms), Artifact Documentation, Vulnerability Assessment Reports, etc.

    Required Skills and Qualifications:

    • Must be a US Citizen able to obtain an agency-specific suitability / Public Trust clearance.
    • Bachelor's degree or equivalent experience.
    • 3+ years of relevant experience in cyber security controls assessment.
    • Must reside within a commutable distance to New Carrollton, MD in order to work a hybrid-onsite schedule.
    • Domain and expert technical knowledge in cybersecurity compliance, including Risk Management Framework.
    • Demonstrated knowledge of security tools, security architecture, NIST security standards and compliance measurements, and quality assurance testing.
    • Experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, and

    Desired Skills and Qualifications:

    • Security+, CISA, CISSP, CISM, or other equivalent industry certification desired.

    Cyber Security Innovations (CSI) is an equal opportunity employer committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. As a veteran-friendly employer, we encourage military veterans to apply.

    This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. CSI makes hiring decisions based solely on qualifications, merit, and business needs at the time.

    CSI participates in the E-Verify Employment Verification Program.

    Job Posted by ApplicantPro