Senior Security Controls Assessor (SCA) - TS/SCI w/poly *5K Sign-On BONUS

Columbia, MD
Jun 17, 2019
Jun 19, 2019
IT, Security Engineer
Full Time
"Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting edge cyber threat awareness and cybersecurity solutions; innovative web- and software applications development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.Our forward thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nation's most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.We continue to thrive and need your talent and motivation to help propel us farther, faster."** THIS POSITION IS ELIGIBLE FOR A $5K SIGN-ON BONUS **Jacobs is seeking a Senior Security Controls Assessor (SCA) to support a prime contract in our Columbia, MD office. Duties may include:Assess the overall security compliance of the client's information systems by actively analyzing security functions for design weaknesses and technical flaws, determining system vulnerabilities by performing vulnerability assessments, and conducting on-site evaluationsConduct verification and validation for security compliance of all information systems, products, and componentsAnalyze design specifications, design documentation, configuration practices and procedures, and operational practices and proceduresProvide identification of non-compliance of security requirements and possible mitigations to requirements that are not in complianceConduct on-site evaluationsValidate the security requirements of the information systemVerify and validate that the system meets the security requirementsProvide vulnerability assessment of the systemCoordinate penetration testingProvide a comprehensive verification and validation report (certification report) for the information systemProvide process improvement recommendationsAssist the Government to draft standards and guidelines for usage#cjpost#dicepost*BCG* Basic Qualifications:Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus eight (8) to twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certificationsExperience in security or system engineering in five or more areas, including: telecommunications concepts, operating systems, databases/DBMS, middleware, applications, web-servers, SANS/Netaps, Active Directory, firewalls, and controlled interfacesDoD 8570-1M Change 2 IAT Level III or IAM Level III requirements (CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CISM OR GSLC Active TS/SCI with current polygraphAdditional Qualifications:Certifications in an operating system such as Linux/Unix or Windows 7Ability to think 'out of the box'Strong presentation, report writing and customer interface skillsFamiliarity with various operations systems such as Microsoft Windows 2000/2003, NT4, XP, various versions of UNIX (AIX, Solaris, HPUX, etc), and LinuxKnowledge of TCP/IP and other major protocols (ie NetBEUI, NETBIOS, IPX/SPX) and the inherent weaknesses of the protocolsUnderstanding of 'hacking' methodology concerning performing a vulnerability assessmentAbility to describe a system's avenues of compromise in a network environment and differentiate between various types of network attacksUnderstanding of a typical secure topology and architecture for a site connected to the Internet (ie routers, firewalls, web servers)Understanding of how to read and interpret a network diagram and identify possible security related concernsAbility to keep a robust security skill set current and to work on multiple projects concurrently*Sign-on bonus is only applicable to external hires*Essential Functions:Physical Requirements:Working at a computer or desk (Considerations: Sitting, Eyes, Hands)May involve long periods of sittingWork Environment:An inside office environment (Considerations: Closed quarters, lighting, and temperature fluctuations)Needs to be able to work well with and support co-workers and clientsNeeds to have clear, concise and accurate communication skillsEquipment and Machines:Standard office equipment and machines, computer workstationAttendance:Punctuality and regular attendance are necessary to meet deadlinesRegular attendance is necessary and requiredOther Essential Functions:Must be able to communicate effectivelyMust demonstrate professional behavior at all times when dealing with clients, management and employeesGrooming and dress must be appropriate for the position and must not impose a safety risk to the employee or othersMust be able to support and work in a proactive team environmentMust hold the safety of yourself and those around you as the number one priority in the workplace Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. Jacobs is a background screening, drug-free workplace.