SilverEdge
Security Control Assessor-Expert
SilverEdge, Mc Lean, VA
Required Skills
Overview
SilverEdge is seeking candidates for the following position: Security Control Assessor-ExpertPerforms all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team. Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation including system level attacks and user level attacks.o Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOMo Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)o Demonstrated experience conducting hands on security testing, analyzing results, documenting risks, and recommending countermeasureso Demonstrated experience developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations and instructionso Demonstrated experience providing threat analysis based on identified security vulnerabilitieso Develops and documents security evaluation test plans and procedureso Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation
Responsibilities
Candidates for this position must have performed one full year of Pen Test or Security Control Assessment within the last three years in one following cloud environment (AWS, IBM, Google, Microsoft Azure, or Oracle Cloud).Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)Strong understanding of the Assessment and Authorization (A&A) processExcellent oral and technical writing skills
Qualifications
Desired Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH
Overview
SilverEdge is seeking candidates for the following position: Security Control Assessor-ExpertPerforms all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team. Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation including system level attacks and user level attacks.o Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOMo Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)o Demonstrated experience conducting hands on security testing, analyzing results, documenting risks, and recommending countermeasureso Demonstrated experience developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations and instructionso Demonstrated experience providing threat analysis based on identified security vulnerabilitieso Develops and documents security evaluation test plans and procedureso Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation
Responsibilities
Candidates for this position must have performed one full year of Pen Test or Security Control Assessment within the last three years in one following cloud environment (AWS, IBM, Google, Microsoft Azure, or Oracle Cloud).Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)Strong understanding of the Assessment and Authorization (A&A) processExcellent oral and technical writing skills
Qualifications
Desired Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH