Cybersecurity Compliance Tester
Rockville, MD, United States
Full Time | Mid-level / Intermediate | Clearance required | USD 52K - 123K *
Oasis Systems
Overview
Be the Difference
Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.
Astrion has an exciting opportunity for a Cybersecurity Compliance Tester for the CPSS Contract, supporting the Civilian Division.
JOB DETAILS
LOCATION: 85% remote. Must live in the DMV area for occasional customer meetings in Rockville, MD. These meetings could be last-minute requests.
JOB STATUS: FT
TRAVEL: 15%
REQUIRED QUALIFICATIONS / SKILLS
- BA/BS or 4 years additional equivalent experience.
- 2 years IT experience specialized in scanning systems, information assurance support, and/or assessing systems.
- At least one of the following certifications: CompTIA Security+, CISSP, ISACA CISA, GIAC GSEC, GIAC GSNA, GIAC GPEN or CEH.
- Required Security Clearance: Ability to obtain NRC IT-I
PREFERRED QUALIFICATIONS / SKILLS
- Previous experience administering (or a comprehensive working knowledge of) the following technologies:
  - Windows Server
  - Web Servers (IIS, Apache)
  - Databases (MS SQL, MySQL)
  - Linux (RHEL / CentOS)
- Familiarity with DISA STIGs, SCAP content, Tenable Audit files, and / or CIS Benchmarks.
- Knowledge of system and application security threats and vulnerabilities.
- A working understanding of wireless networking protocols and security mechanisms is a plus.
- Experience with vulnerability scanning tools, such as Tenable Security Center / Nessus is a plus.
- Ability to prioritize and complete tasks efficiently and effectively.
- Ability to analyze and document scan results in official deliverables.
- Comfortable working individually and as part of a team.
- Scripting ability (e.g., PowerShell, VBA) is a plus.
- Proficiency with Microsoft Office applications, primary importance on Word and Excel.
- Familiarity with the use of artificial intelligence (AI) tools such as chat technologies to enhance personal productivity
RESPONSIBILITIES
- Coordinate with the project management team and the customer to fulfill testing requirements for projects within the project schedule time frame.
- Develop scanning work orders capturing the scope of scans and tools/compliance checklists to be utilized and keep up to date throughout the project lifecycle as scans and checks are completed.
- Conduct automated (25%) and manual (75%) scans verifying compliance with customer standards, DISA STIGs, CIS Benchmarks, vendor security hardening documentation, and industry best practices.
- Develop findings tracking sheets for each project to analyze/summarize all automated and manual scan results and provide remediation information using customer approved templates.
- Conduct wireless scans using a customer owned wireless scanning laptop.
  - Reports of results will include screenshots of heatmaps, analysis of potential rogue access points, and recommendations for minimizing risk as necessary.
- Research and evaluate threats and vulnerabilities to assist in prioritization of remediation actions.
- Compile, organize, and report vulnerabilities and mitigation results to quantify program effectiveness.
- Develop vulnerability assessment reports depending on assigned effort using customer approved templates.
- Work with the quality assurance team to ensure scanning deliverables are customer ready prior to delivery.
- Meet with stakeholders to review scan results and project deliverables.
- Advise stakeholders on appropriate remediation & mitigation solutions.
- Update customer owned scanning laptops, to include OS updates, application updates, and vulnerability plugins.
- Other duties as assigned.
What We Offer
- Competitive salaries
- Continuing education assistance
- Professional development allotment
- Multiple healthcare benefits packages
- 401K with employer matching
- Paid time off (PTO) along with a federally recognized holiday schedule
Who We Are
At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to “Be the Difference”. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.
We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and push the boundaries of what’s possible. We promote collaboration, and empowering our teams is at the core of our success.
Join Astrion and Be the Difference in your career and the world!
Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰