Security Assessor - Mid

Zermount, Inc.
Springfield, VA
Jan 16, 2022
Jan 18, 2022
IT, Security Engineer
Full Time
Coordinate and/or perform additions and changes to network hardware and operating systems, and attached devices; includes investigation, analysis, recommendation, configuration, installation, and testing of new network hardware and software. Provide direct support in the day-to-day operations on network hardware and operating systems, including the evaluation of system utilization, monitoring response time and primary support for detection and correction of operational problems. Troubleshoot at the physical level of the network, working with network measurement hardware and software, as well as physical checking and testing of hardware devices at the logical level working with communication protocols. Maintain network infrastructure. Provide technical consultation, training and support to IT staff as designated by the government.Specialized Responsibilities:Conduct, evaluate, and analyze vulnerability results from ATO assessments, penetration tests, or ad hoc risk assessments from the following set of tools, to include but not limited to: NESSUS, AppDetective, WebInspect, AppScan and Nipper and create POA&M Matrices from results.Conduct Audit of Privileged Accounts (APA) as part of ATO activities and annually review ISSO Privileged Account Audits. Execute responsibilities as outlined in the SA and OA Standard Operating Procedures and assist the policy manager in the review of these, and other SOP-related processes for updates. Monitor all systems and infrastructure as authorized. Ensure the infrastructure availability. Maintain security, backup and redundancy strategies. participate in the design of information and operational support systems. Basic Responsibilities:Check existing systems and suggest improvements. Apply tech solutions to strengthen systems. Review and control documents. Perform standard operating procedures. Required Qualifications:Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements. Technical knowledge of complex enterprise IT systems.Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus SecurityCenter, Splunk, etc. Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers. Basic Qualifications:Must have good communication and interpersonal skills, allowing them to coordinate with team members in project management, security, asset management, customer service, or help desk departments.Must be capable of evaluating the progress of teams and providing guidance and instruction to help teams solve problems and manage projects. Excellent conflict resolution, analytical, and decision-making skills are crucial to this position. Project management is also a desired skill.Years of experience or Education requirement: Education: Bachelor preferable but professional experience is Permitted:7 years minimum of IT Cybersecurity experience including direct support of the US government and 4 years acting as an ISSO, assessor, or compliance analyst OR A relevant Bachelor's degree in IT, Computer Science or engineering with 5 years of IT cybersecurity experience including direct support for the US Government and 4 years acting as an ISSO, assessor, or compliance analystCertifications and Training (Required): At least one of the following security certifications:Certified Authorization Professional (CAP)Certified Information Systems Security Officer (CISSO)Certified Information Security Manager (CISM)Certified Information Systems Security Professional (CISSP)Clearance level:Must have at least a Secret Level Security Clearance.Work Location: Remote is authorized and the location of performance is Springfield, VA, Annapolis Junction, MD and Freedom Center in Herndon, VA. Travel is not reimbursed for travel between Performance location and Remote Location.Powered by JazzHRfVuTVMWPkK