Security Control Assessor

Arlington, VA, USA

SiloSmashers

From day 1, SiloSmashers set out to change how government agencies and corporations manage programs — and smash silo operations.

View all jobs at SiloSmashers

Apply now Apply later

Summary of Position

SiloSmashers is looking for a Security Control Assessor to provide a compliance assessment of the severity of weaknesses or deficiencies in CISA's CSD information systems and prepare security assessment reports containing the results and findings from the assessment. The individual will serve as principal security advisor on risk matters, technical and otherwise, involving the identification and prioritization of security risk to CISA CSD information systems. This work includes examining risk analysis and mitigation security considerations and providing critical thinking when applying security controls to system design, implementation, and operation of CISA systems supporting the cybersecurity and critical infrastructure protection missions.


Principle Duties and Responsibilities

  • - Must have 6+ years' experience assessing information systems and writing/preparing security assessment reports
  • - Perform host, network, cloud, application-based, machine learning based security assessments and conduct a comprehensive assessment of the management, operational, and technical security controls to determine the overall effectiveness of the controls
  • - Responsible for creating and updating the master schedule of all security assessments and for delivering it to the Government for approval
  • - Develop standard operating procedures, security test plans, assessment schedules, Rules of Engagement for stakeholders' assessment results and recommendations and provide expert technical support for potential targets both before and after the assessment
  • - Complete the following communication and reporting activities: assessment kickoff meeting, daily statuses, and out-brief meeting
  • - Perform annual, ongoing, and ad-hoc assessments that support the continuous monitoring strategy for all systems with an ATO
  • - Collaborate with authorizing officials and/or system owners to plan security assessments as needed


Required Skills, Knowledge and Experience

  • - BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.
  • - 6+ years of security control assessment experience
  • - 3+ years of experience with FedRamp systems (Azure, AWS, GCP)
  • - Effective written and oral communication skills.
  • - Previous Federal Government experience is a plus.

Security Clearance

  • Minimum Secret

Work Location

  • 100% remote with occasional on-site visits as needed
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0

Tags: AWS Azure CISA Clearance Cloud Compliance Computer Science FedRAMP GCP Machine Learning Monitoring Risk analysis Security assessment Security Assessment Report Security Clearance Strategy

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.