Full Time
Job Description
OVERVIEW
Authenta Tech Solutions – a Cybersecurity and IT-based consulting firm that specializes in providing security solutions to federal, state, local, and commercial customers nationwide – is hiring a full-time Security Control Assessor.
Authenta Tech Solutions is a certified woman-owned, small business that provides full-scope cyber security solutions customized to your organization. With a team of highly trained IT professionals, we hold major industry standard certifications and designations to match our many years of experience. Providing top-quality service is important to us and we prioritize you always. We are on the frontier of using cybersecurity technologies to secure mission platforms and with your organization’s information security and compliance in mind, we utilize our customized processes to align your business operations and governance processes. Our goal is to ensure that your organization’s information system is secure, is compliant with regulatory standards and stays compliant.
Seeking a security professional with experience performing Security Control Assessment for the federal government. The Primary Assessor is responsible for Security Authorization activities for our client in accordance with National Institute of Standards and Technology (NIST) 800 series. A successful candidate will manage tasks related to the planning and preparation for security documentation related to the system authorization process. The Primary Assessor will provide technical/management leadership on major tasks or technology assignments.
Responsibilities
- The Primary Assessor is responsible for Security Authorization activities for our client in accordance with National Institute of Standards and Technology (NIST) 800 series
- A successful candidate will manage tasks related to the planning and preparation for security documentation related to the system authorization process
- The Primary Assessor will provide technical/management leadership on major tasks or technology assignments
- Establishes goals and plans that meet project objectives
- Specifically, the Information Assurance Analyst will be responsible for the following:
- Managing the Security Control Assessment schedule for the clients portfolio of systems to ensure system remain compliant with ATO and Continuous Monitoring requirements
- Conduct Kickoff meeting for the Security Assessment & Authorization process
- Develop Security Assessment Test Plans to outline the assessment process and requirements
- Conduct interviews with key stakeholders as a part of the Security Test and Evaluation
- Examine security documentation and artifacts to determine compliance with security regulation
- Conduct vulnerability scans using tools such as Nessus, WebInspect, and DBProtect
- Documenting Assessment results in the Requirements Traceability Matrix and the Security Assessment Report
- Create Plans of Actions and Milestones (POA&M)
- Stay abreast of industry and Government standards to include DHS and TSA Security Policies and Technical Standards
- Advise the Government on new standards and make recommendations on new IT Security technologies to improve efficiencies.
Required skills:
- Proficiency in MS Word due to their responsibility in writing several security artifacts to include documents such as Security Testing & Evaluation Plans.
- Contractor must be proficient in developing and presenting, both verbally and in writing, highly technical information and presentations to non-technical audiences at all levels of the organization. Audiences for this information include, but are not limited to, senior executives at TSA and other agencies.
- Working knowledge of the NIST 800 series publications to include but not limited to: 800-30, 800-37, 800-53 and 800-53a.
- Experience operating vulnerability scanning tools (i.e. NESSUS, AppDetective, DBProtect, WebInspect and ISS) and others as required.
Desired experience:
- Cybersecurity: 5 years (Preferred)
- Assessment: 5 years (Preferred)
QUALIFICATIONS
Baseline Certification:
Certification and Accreditation Professional (CAP), CISSP, CISM or CISA certification is preferred
Education/Years of Experience:
- Masters degree or 15 years of relevant IT experience
- Minimum of 3 years demonstrated experience conducting vulnerability and analysis of operating platforms (i.e UNIX, Solaris, and Microsoft)
- Minimum 3 years experience performing compliance testing and analysis of web facing applications and database schema
- Minimum 3 years related security experience
AUTHENTA TECH SOLUTIONS COMPANY BENEFITS
- Health insurance.
- Dental insurance.
- Vision
- Life insurance.
- 401K
- Top-of-the-line medical and situational benefit package
- 15 days of personal leave plus federal holidays.
- Professional development and training.
Authenta Tech Solutions, LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Recent Comments