![Bering Straits Native Corporation (BSNC)](https://media.trabajo.org/img/noimg.jpg)
Security Control Assessor, Lead
4 weeks ago
Overview:
**SUMMARY**
Bering Global Solutions, LLC, a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Security Control Assessor, Lead for a government client in Washington, DC. The selected individual will guide system owners, designated IT security personnel in the program offices, and other staff in fulfilling Federal Information Security Management Act (FISMA) requirements. The Security Control Assessor, Lead works to analyze, plan, and execute the work necessary to ensure the confidentiality, integrity and availability of the federal client’s IT systems, network, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures and tools.
**Responsibilities**:
**ESSENTIAL DUTIES & RESPONSIBILITIES**
- The Essential Duties and Responsibilities are intended to present a descriptive list of the range of duties performed for this position and are _not_ intended to reflect all duties performed within the job. Other duties may be assigned. _
- Plan, develop, review and maintain baselines for client’s information system to such as, System Security Plans, Software & Hardware Boundaries Documents and Diagrams, Control Implementation Matrix, Inheritance and Overlay Memos, Security Assessment and Authorization artifacts and ATO packages.
- Lead and facilitate meetings with system owners, executive management, staff, and contract partners and technical personnel to provide IT security guidance, define system boundaries, and establish and maintain information security standards and procedures in compliance with information security and risk management policies, standards, and guidelines.
- Plan, develop, and conduct vulnerability and compliance scans, contingency plan testing, and risk assessment on client’s information systems. Analyze results to identify and mitigate risk to IT systems, identify training opportunities, and update and improve information systems documentation in accordance with client’s IT security policies and System Security Plan (SSP).
- Participate in internal and external reviews, inspections, Security Assessments and Authorizations and audits to ensure compliance with federal laws, client’s security policy as well as FISMA and NIST requirements.
- Provide expert security advice to system development organizations to ensure adequate security controls are included in each system lifecycle phase.
- Lead remediation efforts when security controls are insufficient, weaknesses are identified in network security configurations, and vulnerabilities deviate from client’s security policy or federal guidelines by recommending corrective actions to mitigate identified deficiencies and developing POAMs.
- Review and analyze information system audit records for unusual or potentially unauthorized activity. Conduct investigations into activities which are in violation of system and organization security policies.
- Incorporate organizational continuous monitoring solutions into information system operations. Ensure compliance with client’s continuous monitoring policies and procedures.
Qualifications:
**QUALIFICATIONS - EXPERIENCE, EDUCATION AND CERTIFICATION**
- To perform this job successfully, an individual must be able to satisfactorily perform each essential duty. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions._
**Required (Minimum) Qualifications**
- Basic-level understanding of basic computer and networking technologies:
- TCP/IP stack
- Windows operating systems
- Linux/Unix-based operating systems
- Networking technologies (routing, switching, VLANs, subnets, firewalls)
- Common networking protocols - SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc
- Common enterprise technologies - Active Directory, Group Policy, VMware vSphere
- Moderate-level understanding of IT security principles, technologies, best practices, and NIST guidance
- Logical Access Control
- PKI and other encryption method
- DISA STIG Security configuration baselines
- Auditing
- Vulnerability discovery and management
- NIST SP 800-53 rev. 4 control
- ** Must be Certified Information Systems Security Professional (CISSP) Certified**:
- Excellent communications skills. Ability to communicate with senior management and federal client staff - both technical and non-technical - in a clear and concise manner using proper spelling, punctuation and grammar.
- Mastery of federal IT security laws such as the Federal Information Security Management Act (FISMA), policies, regulations, requirements, Executive Orders and Presidential Decision Directives such as EO 13556, HSPD12, OMB Memos M-06-16, and M-07-16; NIST 800 series, the federal IT security and incident reporting hierarchy.
- Knowledge and experience in categorizing systems per
-
Lead Security Control Assessor
2 weeks ago
Washington, Washington, D.C., United States Graham Technologies Full timeJob Overview:Graham Technologies (GTECH) is seeking a Lead Security Control Assessor whose primary duties will be to ensure that all requirements for assessment in compliance with NIST are being met. You will be happy to know that this is a hybrid position. The work location is Washington, DC. Responsibilities:Validate all work provided by the team.Ensure...
-
Lead Security Control Assessor
3 weeks ago
Washington, United States Graham Technologies Full timeJob Overview:Graham Technologies (GTECH) is seeking a Lead Security Control Assessor whose primary duties will be to ensure that all requirements for assessment in compliance with NIST are being met. You will be happy to know that this is a hybrid position. The work location is Washington, DC. Responsibilities:Validate all work provided by the team.Ensure...
-
Security Assessor
4 weeks ago
Washington, United States Educology Solutions Full timeESI is seeking a security assessor to assist our customer in conducting independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine their effectiveness. **Duties & Responsibilities** - Develop methods to...
-
Security Controls Assessor
6 days ago
Washington, United States Alpha Omega Integration Full time**Alpha Omega** is an award-winning Federal IT Solutions provider. Since its inception in September 2016, we have grown from a start-up to a $100m/year business. Alpha Omega’s growth stems from our mission focus**:to make the US Government the best in the world**. We achieve that via advanced capabilities in the areas of Design & Product Management,...
-
Security Control Assessor Ii
3 weeks ago
Washington, United States Goldbelt, Inc. Full timeOverview: Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level incident response and forensic analysis, Hawk's personnel deliver threat analysis...
-
Security Control Assessor
3 weeks ago
Washington, United States Modern Technology Solutions, Inc. Full timeOwn Your Future. Modern Technology Solutions, Inc. (MTSI) is seeking a **Security Control Assessor (SCA) II** to join our team. **Why is MTSI known as a Great Place to Work?** - ** Interesting Work**: Our co-workers support some of the most important and critical programs to our national defense and security. - ** Values**: Our first core value is that...
-
Security Control Assessor I
2 weeks ago
Washington, United States Global Resource Solutions, Inc. Full timeGlobal Resource Solutions, Inc. (GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Security Control Assessor I. **Job Descriptio**n**: **Summary**: The SCA is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or...
-
Security Assessor
2 weeks ago
Washington, United States Swingtech Consulting Full timeLocation:Washington DC About Swingtech Consulting, Inc. Swingtech Consulting, Inc. provides technology and management consulting services for the federal, state, and local government. Our team is comprised of skilled, certified consultants that help clients achieve success with effective, created, and rapidly executed solutions. We are rapidly growing and...
-
Security Control Assessor
3 weeks ago
Washington, United States Dhara Consulting Group Full timeToday - Top Secret/SCI - Unspecified - Polygraph - Security - Jbab, DC** (ON-SITE/OFFICE)** **Security Control Assessor (SCA) 1**: **Position Description**: The SCA is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall...
-
Cyber Risk Assessor with Top Secret
3 weeks ago
Washington, United States Maania Consultancy Services Full timeJob DescriptionJob DescriptionOur federal client is looking for Cyber Risk Assessor. If you are interested, please send me your updated resume along with your expected salary range.Position: Cyber Risk AssessorJob Type: Full-timeLocation: Remote (Local to the DC area – onsite occasionally)Clearance: Active Top Secret ClearanceRequired Skills and...
-
Cyber Risk Assessor with Top Secret
4 weeks ago
Washington, United States Maania Consultancy Services Full timeJob DescriptionJob DescriptionOur federal client is looking for Cyber Risk Assessor. If you are interested, please send me your updated resume along with your expected salary range.Position: Cyber Risk AssessorJob Type: Full-timeLocation: Remote (Local to the DC area – onsite occasionally)Clearance: Active Top Secret ClearanceRequired Skills and...
-
Vulnerability Assessor Sr
3 weeks ago
Washington, United States Gray Tier Technologies Full timeGray Tier Technologies is seeking a Senior Vulnerability Assessor with an active Secret clearance to support our DOI customer's Security Operation Center in DC or Reston Virginia. The Department of the Interior (DOI) protects America's natural resources and heritage, honors our cultures and tribal communities, and supplies the energy to power...
-
Assessor Staff
1 month ago
Washington, United States Ampcus Incorporated Full timeLocation: Washington, DC (2 days a week onsite)Description:Assessor Staff must hold in good standing at least one (1) of the following IT Professional Certifications (or equivalent):o GIAC Systems and Network Auditor (“GSNA”)o ISC2 Certified Authorization Professional (“CAP”)o ISC2 Certified Information System Security Professional (“CISSP”)o...
-
Security Controls Engineer
1 month ago
Washington, Washington, D.C., United States ManTech Full timeSecure our Nation, Ignite your FutureBecome an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech , you'll help protect our national security while working on innovative projects that offer opportunities for advancement.Currently, ManTech is seeking a motivated, career and...
-
Security Controls Engineer
1 month ago
Washington, Washington, D.C., United States ManTech Full timeSecure our Nation, Ignite your FutureBecome an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech , you'll help protect our national security while working on innovative projects that offer opportunities for advancement.Currently, ManTech is seeking a motivated, career and...
-
Cyber Assessor
3 weeks ago
Washington, United States VMD Corp Full timeJob DescriptionJob Description About the Mission You Will Join: The Cyber Assessor role will play a vital role on a contract supporting the government customer's OCIO, conducting comprehensive cyber security assessments to ensure the overall security posture of the organization. Your Impact to the Mission:As a Cyber Assessor you will...
-
Cyber Assessor
2 weeks ago
Washington, United States VMD Corp Full timeJob DescriptionJob DescriptionAbout the Mission You Will Join:The Cyber Assessor role will play a vital role on a contract supporting the government customer's OCIO, conducting comprehensive cyber security assessments to ensure the overall security posture of the organization.Your Impact to the Mission:As a Cyber Assessor you will work alongside a team...
-
Cyber Assessor
3 weeks ago
Washington, United States VMD Corp Full timeJob DescriptionJob DescriptionAbout the Mission You Will Join:The Cyber Assessor role will play a vital role on a contract supporting the government customer's OCIO, conducting comprehensive cyber security assessments to ensure the overall security posture of the organization.Your Impact to the Mission:As a Cyber Assessor you will work alongside a team...
-
Cybersecurity Compliance Assessor
2 weeks ago
Washington, United States Booz Allen Hamilton Full timeCyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this cyber noise, how can these organizations understand their risks and how to mitigate them? The answer is youan information security risk spe cia list who will break down complex threats into...
-
Cybersecurity Compliance Assessor
2 weeks ago
Washington, United States Booz Allen Hamilton Full timeCyber threats are abundant, and understanding them can be overwhelming for government agencies due to their constantly evolving nature. As an Information Security Risk Specialist, you will play a key role in breaking down complex threats into actionable plans. Join our team as a Cybersecurity Compliance Assessor to collaborate with commercial Cloud Service...