Security Assessor - Washington, United States - Educology Solutions

Educology Solutions
Educology Solutions
Verified Company
Washington, United States

3 weeks ago

Mark Lane

Posted by:

Mark Lane

beBee recruiter
Description

ESI is seeking a security assessor to assist our customer in conducting independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine their effectiveness.


Duties & Responsibilities

  • Develop methods to monitor and measure risk, compliance, and assurance efforts.
  • Draft statements of preliminary or residual security risks for system operation.
  • Maintain information systems assurance and accreditation materials.
  • Monitor and evaluate a system's compliance with information technology (IT) security, resilience, and dependability requirements.
  • Assess the effectiveness of security controls.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks.
  • Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standardsbased concepts and capabilities.
  • Knowledge of the Security Assessment and Authorization process.
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.
  • Knowledge of Risk Management Framework (RMF) requirements.
  • Knowledge of organization's evaluation and validation requirements.
  • Knowledge of cyber defense and vulnerability assessment tools, including open source tools, and their capabilities.
  • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
  • Knowledge of penetration testing principles, tools, and techniques.

Qualifications

  • DOD Secret Clearance Required
  • 57 Years Experience as a Security Assessor
  • BA in Computer Science or Related Field.
More jobs from Educology Solutions
See all jobs of Educology Solutions