Jobs
>
Bethesda

    Security Control Assessor - Bethesda, United States - General Dynamics Information Technology

    General Dynamics Information Technology
    General Dynamics Information Technology Bethesda, United States

    1 week ago

    General Dynamics Information Technology background
    Technology / Internet
    Description

    A career as a Security Control Assessor at GDIT means owning every opportunity to help support and advance our clients' missions.

    At GDIT, cyber security is embedded into every aspect of what we do.

    We're constantly evolving our cyber solutions to overcome our clients' biggest challenges, and you will have the opportunity to develop and grow as these technologies evolve.

    HOW A SECURITY CONTROL ASSESSOR WILL MAKE AN IMPACT
    Provide documentation to Customer which describes all identified system risks, planned test procedures taken, and test results
    Provide enhancement capabilities and Standard Operating Procedures (SOPs)

    to assessment operations for execution and implementation
    Maintain accountability to endure integrity and confidentiality of the assessment process
    Provide analysis of vulnerabilities and exploitations
    Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.)
    Develop and document security evaluation test plan and procedures
    Assist in researching, evaluating, and developing relevant Information Security policies and guidance
    Actively participate in or lead

    Technical Exchange Meetings (TEMS)

    and application review boards, documenting actions items/results of these events
    Brief management, as needed, on the status of action items and/or results of activities
    Conduct hands-on security testing, analyze test results, document risk, and recommend countermeasures
    Assess and calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing
    Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
    Make recommendations to the IC CISO or designee for improving TTPS for better cyber threat protection.


    WHAT YOU'LL NEED TO SUCCEED:

    Education :
    Bachelor's Degree (Computer Engineering, Computer Science, Electrical Engineering, Information Systems, Information Technology, Cybersecurity, or a closely related discipline)

    Required Experience : 6+ yrs


    Required Technical Skills:


    Three (3) years of cybersecurity experience with at least one year of experience conducting SCAs under ICD 503/CNSSI 1253 NIST Cybersecurity Framework, Risk Management Framework (RMF), or a similar framework.

    One full year of SCA experiences within the last three calendar years.

    One full year supporting cloud environment and experience performing security assessments in a cloud environment (AWS, Google, IBM, Azure, and Oracle).

    Skill in conducting vulnerability scans and recognizing vulnerability in security systems (e.g., Cloud Environments) AWS, Google, IBM, Azure, and Oracle.

    Must meet Department of Defense (DOD Manual (M) Information Assurances Workforce Improvement Program requirement for Information Assurance Manger (IAM) Level III (CISM, CISSP or Associate GSLC or CCISO).

    Knowledge of general attack strategies (e.g., MITRE ATT&CK Framework).
    Knowledge of NISPOM, ICD 503, NIST SP 800-53, ICD 705, and other ICDs as appropriate.
    Knowledge of Independent Verification & Validation (IV&V) of security controls.
    Three years of experience performing security assessments in a cloud computing environment.
    Strong writing skills.
    Knowledge of system and application security threats and vulnerabilities.
    Knowledge of network access, identity, and access management e.g. public key infrastructure (PKI)

    Knowledge of network protocols such as Transition Control Protocol/Internet Protocol (TCP/IP), Dynamic Host Configuration, Domain Name System (DNS), and directory Services.

    Ability to assess the robustness of security systems and designs.
    Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
    Write final reports and defend all findings, including risk or vulnerability, mitigation strategies, and references.
    Report vulnerabilities identified during security assessments.
    Write penetration testing Rules of Engagement (RoE), Test Plans, and Standard Operating Procedures (SOP).
    Conducted security reviews and technical research and provided reporting to increase security defense mechanisms.

    Security Clearance Level :
    TS/SCI with active polygraph

    Location :
    Bethesda, MD - On Customer Site


    GDIT IS YOUR PLACE:
    401K with company match
    Comprehensive health and wellness packages
    Internal mobility team dedicated to helping you own your career
    Professional growth opportunities including paid education and certifications
    Cutting-edge technology you can learn from
    Rest and recharge with paid vacation and holidays

    #OpportunityOwned

    #GDITCareers

    #WeAreGDIT

    #JET

    #SWDevpolyVA

    Work Requirements


    cls-1{fill:

    none;stroke:
    #5b6670;stroke-miterlimit:10;stroke-width:2px}

    Years of Experience
    6 + years of related experience

    * may vary based on technical training, certification(s),

    or

    degree


    cls-2{fill:

    none;stroke:
    #5b6670;stroke-miterlimit:10;stroke-width:2px}

    Certification

    Travel Required
    Less than 10%


    cls-3{fill:

    none;stroke:
    #5d666f;stroke-miterlimit:10}

    Citizenship
    U.S. Citizenship Required

    Salary and Benefit Information
    The likely salary range for this position is $148,750 - $201,250. This is not, however, a guarantee of compensation or salary.

    Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

    View information about benefits and our total rewards program.
    About Our Work

    We are GDIT.

    A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S.

    government, defense and intelligence community.

    Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation.

    We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development.

    Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

    GDIT is an Equal Opportunity/Affirmative Action employer.

    All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

  • General Dynamics Information Technology

    Security Control Assessor

    2 days ago

    General Dynamics Information Technology Bethesda, United States

    Type of Requisition: · Regular · Clearance Level Must Currently Possess: · Top Secret SCI + Polygraph · Clearance Level Must Be Able to Obtain: · Top Secret SCI + Polygraph · Suitability: · Public Trust/Other Required: · None · Job Family: · Cyber Security · Job Qualifications: · ...

  • Modern Technology Solutions, Inc.

    Security Control Assessor

    1 week ago

    Modern Technology Solutions, Inc. Washington, United States

    Own Your Future. · Modern Technology Solutions, Inc. (MTSI) is seeking a **Security Control Assessor (SCA) II** to join our team. · **Why is MTSI known as a Great Place to Work?** · - ** Interesting Work**: Our co-workers support some of the most important and critical programs t ...

  • System High Corporation

    Security Control Assessor

    2 weeks ago

    System High Corporation Arlington, United States

    **Position Overview** · The Security Control Assessor must fulfill a variety of cybersecurity functions, to include: System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology (PIT) ...

  • Maximus Services, LLC

    Security Control Assessor

    6 days ago

    Maximus Services, LLC Arlington, United States

    **Description & Requirements** · Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. · The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security cont ...

  • Zermount Inc

    Security Control Assessor

    1 week ago

    Zermount Inc Arlington, United States

    **Security Control Assessor Team Lead**: · **MILITARY FRIENDLY & PREFERRED - HOH SPONSOR**: · **Summary** · Zermount Inc. is seeking a Security Control Assessor Team Lead who will play a vital role in leading multiple teams on large projects. The System Security Assessment Team L ...

  • Bering Straits Native Corporation (BSNC)

    Security Control Assessor, Lead

    2 weeks ago

    Bering Straits Native Corporation (BSNC) Washington, United States

    Overview: · **SUMMARY** · Bering Global Solutions, LLC, a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Security Control Assessor, Lead for a government client in Washington, DC. The selected individual will guide system owners, designated IT se ...

  • Goldbelt, Inc.

    Security Control Assessor Ii

    1 week ago

    Goldbelt, Inc. Washington, United States

    Overview: · Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level ...

  • Goldbelt, Inc.

    Security Control Assessor Ii

    3 weeks ago

    Goldbelt, Inc. Washington, United States

    Overview: · Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level ...

  • Global Resource Solutions, Inc.

    Security Control Assessor I

    2 days ago

    Global Resource Solutions, Inc. Washington, United States

    Global Resource Solutions, Inc. (GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Security Control Assessor I. · **Job Descriptio**n**: · **Summary**: The SCA is responsible for conducting a comprehensive assessment of the ...

  • General Dynamics Information Technology

    Security Control Assessor

    3 weeks ago

    General Dynamics Information Technology Bethesda, United States

    REQ#: RQ174210 Public Trust: None Requisition Type: Regular Your Impact Own your opportunity to serve as a critical component of our nation's safety and security. Make an impact by using your expertise to protect our country from threats. Job Description A career as a Security Co ...

  • McIntire Solutions

    Security Control Assessor

    3 weeks ago

    McIntire Solutions Bethesda, United States Full time

    Title: Security Control Assessor · Location: Bethesda, MD · McIntire Solutions is seeking a Security Control Assessor to support our Bethesda Customer. · Responsibilities include, but are not limited to: · Three (3) years of cybersecurity experience with at least one year of ex ...

  • McIntire Solutions

    Security Control Assessor

    1 week ago

    McIntire Solutions Bethesda, United States

    Job Description · Job DescriptionTitle: Security Control Assessor · Location: Bethesda, MD · McIntire Solutions is seeking a Security Control Assessor to support our Bethesda Customer. · Responsibilities include, but are not limited to: · Three (3) years of cybersecurity experie ...

  • Integrated Intel Solutions

    Security Control Assessor

    1 week ago

    Integrated Intel Solutions Bethesda, United States

    Job Description · Job DescriptionSecurity Control Assessor- Senior · Bachelors degree in computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline. · Four years of additional demonst ...

  • General Dynamics Information Technology

    Security Control Assessor

    2 weeks ago

    General Dynamics Information Technology West Bethesda, United States

    A career as a Security Control Assessor at GDIT means owning every opportunity to help support and advance our clients' missions. At GDIT, cyber security is embedded into every aspect of what we do. We're constantly evolving our cyber solutions to overcome our clients' biggest ch ...

  • General Dynamics Information Technology

    Security Control Assessor

    1 week ago

    General Dynamics Information Technology Bethesda, United States

    A career as a Security Control Assessor at GDIT means owning every opportunity to help support and advance our clients' missions. At GDIT, cyber security is embedded into every aspect of what we do. We're constantly evolving our cyber solutions to overcome our clients' biggest ch ...

  • General Dynamics Information Technology

    Security Control Assessor

    1 week ago

    General Dynamics Information Technology Bethesda, United States

    REQ#: RQ168304 Public Trust: None Requisition Type: Regular Your Impact Own your opportunity to serve as a critical component of our nation's safety and security. Make an impact by using your expertise to protect our country from threats. Job Description A career as a Security Co ...

  • McIntire Solutions

    Security Control Assessor

    1 week ago

    McIntire Solutions Bethesda, United States

    Job Description · Job DescriptionTitle: Security Control Assessor · Location: Bethesda, MD · McIntire Solutions is seeking a Security Control Assessor to support our Bethesda Customer. · Responsibilities include, but are not limited to: · Three (3) years of cybersecurity experie ...

  • General Dynamics Information Technology

    Security Control Assessor

    1 week ago

    General Dynamics Information Technology Bethesda, United States

    REQ#: RQ174210 Public Trust: None Requisition Type: Regular Your Impact Own your opportunity to serve as a critical component of our nation's safety and security. Make an impact by using your expertise to protect our country from threats. Job Description A career as a Security Co ...

  • General Dynamics Information Technology

    Security Control Assessor

    1 week ago

    General Dynamics Information Technology Bethesda, United States

    REQ#: RQ175088 Public Trust: None Requisition Type: Regular Your Impact Own your opportunity to serve as a critical component of our nation's safety and security. Make an impact by using your expertise to protect our country from threats. Job Description A career as a Security Co ...

  • The Swift Group

    Security Control Assessor

    1 week ago

    The Swift Group Bethesda, United States

    Job Description · Job DescriptionThe Swift Group in seeking an experienced Security Control Assessor (SCA) to join our team. This candidate will be responsible for evaluating the security posture of our systems and infrastructure, ensuring compliance with relevant frameworks and ...