CIS CSC Security Assessment Specialist in Falls Church, VA at Booz Allen Hamilton Inc.

Date Posted: 10/19/2018

Job Description

Job Number: R0040721

CIS CSC Security Assessment Specialist

Key Role:

Maintain responsibility for the program and focus on the Center for Internet Security (CIS) Critical Security Controls (CSC). Leverage working knowledge of the CIS Critical Security Controls, including all associated sub-controls, to facilitate ongoing security maturity assessments across the enterprise. Research, develop, and document CSC maturity metrics, artifacts, and workflows relevant to the CIS top 20 controls, identifying the status of tool procurements, implementations, SIEM integrations, and decommissioning across multiple enterprise networks. Conduct analysis and technical security mapping to identify gaps and provide executive-level comprehension of current and future states of CIS maturity. Coordinate with key stakeholders across the organization to identify technology and policy mapping to each CSC sub-control, gaps, and current and future status. Assist with in-depth executive-level briefings for the Executive Leadership Team (ELT) on CIS CSC maturity, tools, implementation status, and the like. Update maturity status on a quarterly basis, report changes to the ELT, and provide recommendations for improvement based on assessment results, to include changes to standard operating procedures and other policies.

Basic Qualifications:

- 3+ years of experience in IT and information security conducting risk assessments to identify security gaps, assessing controls, and providing recommendations and reporting to executive leadership

- Experience with computer networking, TCP/IP, DNS, firewalls, proxies, routers, and switches

- Ability to assess the efficacy of CSCs and develop implementation approaches for resolving CSC weaknesses

- Knowledge of CIS Critical Security Controls (CSC)

- Knowledge of Windows and Linux operating systems and information security components

- Knowledge of cybersecurity technologies, including asset configuration management, intrusion detection and prevention systems, security incident and event management (SIEM), antivirus, networking, security vulnerability scanning, and incident response

- Ability to obtain a security clearance

- HS diploma or GED

Additional Qualifications:

- BA or BS degree in IT, Cybersecurity, or Management Information Systems

- CompTIA Security+, Network+, A+, CISSP, and CEH

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
