Security Control Assessor
Washington, DC, US
Full Time Mid-level / Intermediate USD 127K - 183K
ASRC Federal
Achieving successful mission outcomes and elevated performance for federal civilian, defense and intelligence agencies, while building an enduring enterprise focused on customers, employees and shareholders.
ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™.
ASRC Federal is seeking a Security Control Assessor to support our customer in the DC metro area. This position provides leadership supporting and implementing federal program oversight for multiple sites across the nation. Conducts security control reviews consistent with Federal requirements, NIST SP 800-53, and Risk Management Framework (RMF). Extensive experience with applying and interpreting federal security controls. Works closely with penetration testing team to evaluate the overall program risk and help sites develop remediation actions to address unmet cybersecurity controls.
Hybrid – 3 days onsite (DC Forrestal Office), subject to client requirements
Responsibilities:
• Developing assessment plans consistent with NIST SP 800-53 Security Controls
• Reviewing and interpreting results of cybersecurity tools, e.g. Tenable, CrowdStrike.
• Must be able to mentor junior team members and contribute to the development of testing methodologies and tools.
• Understanding of FedRAMP and cloud security authorization and inherited security controls.
• Partnering to build Purple Teaming engagement with sites.
• Familiarity with architecture and common IT systems to discuss approaches to weakness remediation.
Requirements:
• Experience in vulnerability analysis and remediation, including providing clear instructions for describing threat actors and impact of unmet security controls.
• Experience developing Authorization Packages, System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action and Milestones (POA&Ms).
• Excellent written and oral communication skills to communicate technical findings to an executive audience.
• Monitor industry trends and potential impacts to federal cybersecurity programs, e.g. AI.
• Must have a Bachelor's degree in a related field
• 10+ years of experience
• DOE Q-Clearance or TS Equivalent
Desired skills:
• PowerBI
• MS Office – MS Excel and MS Word
• Familiarity with Archer & CSA GRC Tools.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.
EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
Tags: Clearance Cloud CrowdStrike FedRAMP NIST NIST 800-53 Pentesting POA&M Risk management RMF Security assessment Security Assessment Report System Security Plan
Perks/benefits: Competitive pay Health care Insurance
Region: North America
Country: United States