Cybersecurity Controls Assessor, Senior

Key Role:
Serve as an information security control assessor working in a dynamic client environment. Conduct compliance and vulnerability assessments on a broad range of systems, including mainframes, UNIX, Windows, networking, databases, virtual environments, applications, and Web servers. Use both manual and automated methodologies to identify, assess, and report security risks. Prioritize findings based on risk and document detailed corrective and remediation plans or actions in security assessment reports. Communicate threat, vulnerabilities, and risk information clearly to stakeholders in executive management positions and recommend solutions for client technical and security challenges. Provide client outreach and education on Cybersecurity requirements through oral and written communication formats. Operate in a fast-paced environment using leadership expertise and provide thoughtful ideas on process improvements and enhancements. This position is available for remote delivery and is located in the Washington, DC area.

Basic Qualifications:

-1+ year of experience with mainframe and security software

-1+ year of experience with testing NIST SP 800-53 security controls

-3+ years of experience with IT audits, including conducting technical security compliance tests and vulnerability assessments

-Ability to present IT security risk to business and technical executive management effectively

-Ability to be detail-oriented and organized and plan and prioritize multiple tasks

-Ability to travel up to 50% of the time

-Ability to obtain a security clearance

-HS diploma or GED

Additional Qualifications:

-2+ years of experience with conducting security assessment and authorizations or Certification and Accreditation (C&A)

-2+ years of experience with developing or implementing risk management strategies

-Experience with conducting Nessus compliance scans

-Knowledge of Cybersecurity threats and techniques used by adversaries

-Possession of excellent analytical, problem-solving, and interpersonal skills

-Possession of excellent oral and written communication skills

-BA or BS degree in Cybersecurity, IT, or Computer Engineering preferred

-CISSP Certification preferred

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.