Jobs · Information Technology · Maryland

Senior Security Controls Assessor (SCA)

nDepth Security, LLC · Columbia, MD · 8 mo ago
Information TechnologyFull-time

Responsibilities

  • Conducting verification and validation for security compliance of all information systems, products, and components
  • Analyzing design specifications, design documentation, configuration practices and procedures, and operational practices and procedures
  • Providing identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance
  • Conducting on-site evaluations
  • Validating the security requirements of the information system
  • Verifying and validating that the system meets the security requirements
  • Providing vulnerability assessments of the system
  • Coordinating penetration testing
  • Providing a comprehensive verification and validation report (assessment report) for the information system
  • Providing process improvement recommendations
  • Assisting the customer to draft standards and guidelines for usage

    Required Qualifications

    • Twelve years of related work experience (a Bachelor’s Degree in Computer Science or IT Engineering may be substituted for four years of experience)
    • Experience in security or system engineering in five or more areas, including: telecommunications concepts, operating systems, databases/DBMS, middleware, applications, web-servers, SANS/Netaps, Active Directory, firewalls, and controlled interfaces (U) DoD 8570-1M Change 2 IAT Level III or IAM Level III requirements, including certification in an operating system such as Linux/Unix or Windows 7. The desired windows certification is the Microsoft Certified Information Technology Professional (MCITP).
    • Must be a U.S. citizen
    • Must be fully cleared with FS poly

    Desired Qualifications

    • Strong presentation, report writing and customer interface skills
    • Familiarity with various operations systems such as Microsoft Windows, various versions of UNIX (AIX, Solaris, HPUX, etc), and Linux
    • Detailed knowledge of TCP/IP and other major protocols (i.e. NetBEUI, NETBIOS, IPX/SPX) and the inherent weaknesses of the protocols
    • Understanding of ‘hacking’ methodology concerning performance of vulnerability assessments
    • The ability to keep a robust security skill set current and to work on multiple projects concurrently
    • Previous instructor-led training experience and developing classroom lectures and material to facilitate in-person and on-line learning activities
    • Experience with Learning Management Systems (LMS) such as Moodle, Canvas, and Blackboard.

Similar jobs

Security Control Assessor (SCA)

Mission Technologies, a division of HIISpringfield, VA· 5 days ago
Information Technology$103k–$150k/yrapply on jobs.hii-tsd.com