Security Control Assessor

Arlington, VA
Feb 20, 2021
Feb 24, 2021
IT, Security Engineer
Full Time
Are you passionate about cyber and security challenges ininformation technology, associated with threats and vulnerabilities? Are youlooking for an enriching experience to build your career and brand? If you areinterested in a role that offers an opportunity to provide front line supportto our clients instead of a back office programmer position then DeloittesGovernment and Public Services Cyber Risk team could be the place for you! Joinour team of Cyber Risk professionals who collaborate with government agencies,IT professionals, and clients to support cyber security and risk consultingengagements.Work youll doAs a Consultant within our Cyber Risk team, you will:Work with Federal clients to mitigate cyber risk andthreatsIdentify opportunities for efficiencies in workprocess and innovative approaches to completing scope of workParticipate in team problem solving efforts and offerideas to solve client issuesConduct relevant research, data analysis, and createreportsMaintain responsibility for completion and accuracyof work productsAssist in proposal development, as requestedActively expand consulting skills and professionaldevelopment through training courses, mentoring, and daily interaction withclients Use various technologies and operating systems, such asOracle, MySQL, Windows, RHEL, mainframe, Azure, Salesforce, Appian, etc. bothon-premise and in the cloud Support activities for Assessment and Authorization(A&A) of new systems, and Information Security Continuous Monitoring(ISCM), in compliance with NIST SP 800-53 controls within the Risk ManagementFramework (NIST SP 800-37) Support development and maintenance of Security andPrivacy Control Assessment project management documentation including Master Scheduleand Project Plan Prepares assessment reports documenting the findings andrecommendations from the Security and Privacy Control Assessment Provide audit support and manual testing of SecureBaseline Configuration Guides Document Security and Privacy Control Assessment lessonslearned and trend analysesThe TeamTransparency, innovation, collaboration, sustainability:these are the hallmark issues shaping government initiatives today. DeloittesGovernment and Public Services practice is passionate about making an impactwith lasting change. Carrying out missions in the GPS practice requiresfresh thinking and a creative approach. We collaborate with teams from acrossour organization in order to bring the full breadth of Deloitte, its commercialand public sector expertise, to best support our clients. Our aspirationis to be the premier integrated solutions provider in helping to transform theGPS marketplace.Our GPS Cyber Risk team is client focused and missiondriven. Our team works across industries and sectors to respond more rapidlyand effectively, providing recommendations to improve cyber threat detection.QualificationsRequired:Bachelors Degree in Information Technology,Information Systems Security, Cybersecurity, or related field2+ years experience as a Security Controls AssessorMust have active CISSP certification 1+ years experience with NIST SP 800-53 r4 securitycontrols and the security authorization process 1+ years experience documenting security controlimplementations across variety of technologiesProficiency in word processing, spreadsheet, andpresentation creation tools, as well as Internet research toolsAbility to obtain and maintain the required clearancefor this role Must be legally authorized to work in the United Statedwithout the need for employer sponsorship, now or at any time in the futurePreferred:Previous Federal Consulting experience Experience with continuous monitoringUnderstanding of fundamental cloud computing conceptsExperience with Information Assurance concepts andprocesses within the Federal governmentKnowledge of and experience with Federal securityregulations, standards, and processes including FISMA, FIPS, NIST, and FedRAMPHow youll growAt Deloitte, our professional development plan focuses onhelping people at every level of their career to identify and use theirstrengths to do their best work every day. From entry-level employees to seniorleaders, we believe theres always room to learn. We offer opportunities tohelp sharpen skills in addition to hands-on experience in the global,fast-changing business world. From on-the-job learning experiences toformal development programs at Deloitte University, our professionals have avariety of opportunities to continue to grow throughout theircareer.Explore DeloitteUniversity, The Leadership Center.BenefitsAt Deloitte, we know that great people make a greatorganization. We value our people and offer employees a broad range ofbenefits.Learn more about what working at Deloitte can mean for you.Deloittes cultureOur positive and supportive culture encourages our people todo their best work every day. We celebrate individuals by recognizing theiruniqueness and offering them the flexibility to make daily choices that canhelp them to be healthy, centered, confident, and aware. We offer well-beingprograms and are continuously looking for new ways to maintain a culture whereour people excel and lead healthy, happy lives.Learn more about Life at Deloitte.Corporate citizenshipDeloitte is led by a purpose: to make an impact thatmatters. This purpose defines who we are and extends to relationships with ourclients, our people and our communities. We believe that business has thepower to inspire and transform. We focus on education, giving, skill-basedvolunteerism, and leadership to help drive positive social impact in ourcommunities.Learn more about Deloittes impact on the world.Recruiter tipsWe want job seekers exploring opportunities at Deloitte tofeel prepared and confident. To help you with your interview, we suggest thatyou do your research: know some background about the organization and thebusiness area youre applying to.Check out recruiting tips from Deloitte professionals. As used in this posting, Deloitte Advisory means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. These entities are separate subsidiaries of Deloitte LLP. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Requisition code: E21ARLSCUSDC-115137