Security Control Assessor - Arlington, United States - Maximus Services, LLC

Maximus Services, LLC

Verified Company

Arlington, United States

3 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

Description & Requirements
Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA.

The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an SAP information system to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).

Maximus TCS (Technology and Consulting Services)

Internal Job Profile Code:
TCS040, T4, Band 7

What you will do:

Monitor and evaluate system compliance with information technology (IT) security, resilience, and dependability requirements
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
Experience with assessing cloudbased security authorizations (FedRamp, AWS & Azure) as well as the NIST control responsibilities
Draft Security Assessment Reports (SAR) based on the findings from the system assessment
Provide expert security advice and recommendations to manage identified risks
Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies

Required Skills:

A Bachelor's degree is required for this position. 4 years of relevant work experience may be considered in lieu of the degree requirement. An Associate's degree and 2 years of relevant work experience may also be considered in lieu of the degree requirement
7+ years of experience working with Risk Management Framework (RMF).
7+ years of experience as a cyber security assessor and/or ISSO
Must meet 8140 baseline certification requirements (CISSP, CCNA, CySA+, GISCP, Sec+CE, CND, SSCP etc.)
7+ years of experience with the following tools: SCAP, ACAS, Vulnerator, HBSS, eMASS
Excellent written and verbal communication skills
7+ years of experience understanding DISA STIG Security configuration baselines.

Desired Skills:

Knowledge and experience performing network security vulnerability assessments

clearance #techjobs #SAPCIO #MayEventJobs #HighlightedJobs0423X #HighlightedJobs0423LI

Minimum Requirements

Maximus TCS (Technology and Consulting Services)

Internal Job Profile Code:
TCS040, T4, Band 7

EEO Statement

Pay Transparency
- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.