Senior Security Controls Assessor (SCA) - TS/SCI w/poly *$5K Sign-On BONUS

CH2M & Jacobs
Columbia, MD
Jun 17, 2019
Jun 19, 2019
IT, Security Engineer
Full Time
Jacobs National Security Solutions (NSS) provides world-class IT network and service management capabilities; cutting edge cyber threat awareness and cybersecurity solutions; innovative web- and software applications development; and advanced data analytics for major clients in the Intelligence Community, Department of Defense, and Federal Civilian Agencies.Our forward thinking solutions deliver an integrated approach to IT network design and management, full lifecycle IT service management, IT service delivery, asset management, logistics and procurement, and vendor management. We leverage the expertise and passion of our employees to conduct identity and access management, penetration testing, and vulnerability assessments for our nations most closely guarded agencies and networks. Our Cyber Security Operations Centers ensure safe, effective network operations for Federal clients while our data scientists are helping stop illegal acts before they can endanger Americans or our way of life.Jacobs promotes a culture of operational excellence to create a safer, smarter, and more connected world while upholding the highest standards of compliance, quality and integrity.We continue to thrive and need your talent and motivation to help propel us farther, faster.Jacobs is seeking a Senior Security Controls Assessor (SCA) to support a prime contract in our Columbia, MD office. Duties may include:Conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (ie, the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). Provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities.Assess the overall security compliance of the clients information systems by actively analyzing security functions for design weaknesses and technical flaws, determining system vulnerabilities by performing vulnerability assessments, and conducting on-site evaluationsConduct verification and validation for security compliance of all information systems, products, and componentsAnalyze design specifications, design documentation, configuration practices and procedures, and operational practices and proceduresProvide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance#cjpost#dicepost*BCG*#corpli Basic Qualifications:Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus eight (8) to twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certificationsExperience in security or system engineering in five or more areas, including: telecommunications concepts, operating systems, databases/DBMS, middleware, applications, web-servers, SANS/Netaps, Active Directory, firewalls, and controlled interfacesDoD 8570-1M Change 2 IAT Level III or IAM Level III requirements (CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CISM OR GSLC Active TS/SCI with current polygraphAdditional Qualifications:Strong presentation, report writing and customer interface skillsFamiliarity with various operations systems such as Microsoft Windows, various versions of UNIX (AIX, Solaris, HPUX, etc), and LinuxDetailed knowledge of TCP/IP and other major protocols (ie NetBEUI, NETBIOS, IPX/SPX) and the inherent weaknesses of the protocolsUnderstanding of hacking methodology concerning performing a vulnerability assessmentAbility to describe a system's avenues of compromise in a network environment and differentiate between various types of network attacksAn understanding of a typical secure topology and architecture for a site connected to the Internet (ie routers, firewalls, web servers)Understanding of how to read and interpret a network diagram and identify possible security related concernsThe ability to keep a robust security skill set current and to work on multiple projects concurrently *Sign-on bonus is only applicable to external hires*Essential Functions:Physical Requirements:Working at a computer or desk (Considerations: Sitting, Eyes, Hands)May involve long periods of sittingWork Environment:An inside office environment (Considerations: Closed quarters, lighting, and temperature fluctuations)Needs to be able to work well with and support co-workers and clientsNeeds to have clear, concise and accurate communication skillsEquipment and Machines:Standard office equipment and machines, computer workstationAttendance:Punctuality and regular attendance are necessary to meet deadlinesRegular attendance is necessary and requiredOther Essential Functions:Must be able to communicate effectivelyMust demonstrate professional behavior at all times when dealing with clients, management and employeesGrooming and dress must be appropriate for the position and must not impose a safety risk to the employee or othersMust be able to support and work in a proactive team environmentMust hold the safety of yourself and those around you as the number one priority in the workplaceAbout Jacobs Jacobs leads the global professional services sector delivering solutions for a more connected, sustainable world. With $15.0 billion in combined revenue and a talent force more than 77,000 strong, Jacobs provides a full spectrum of services including scientific, technical, professional, construction- and program-management for business, industrial, commercial, government and infrastructure sectors. For more information, visit web address removed>