1 security control assessor with security clearance Job in herndon, va
Netizen is Hiring a Security Control Assessor Near Herndon, VA
Certificates, Licenses, and Education
- Bachelor of Science (B.S.) or equivalent combination of IT technical or cybersecurity Associates Degree.
- Candidates must be certified in one of the areas as directed by DoD 8570- CISM, CISSP, GSLC, or CCISO.
- Candidates must have a DOD Top Secret Clearance with eligibility to obtain SCI.
- Candidates who hold the Navy Qualified Validation certificate are preferred.
- Conduct Cloud Security Assessments to include validated cybersecurity controls, certifier's recommendation, and certifier’s statement of residual risk, certification assessment briefing slides, and a provisional authorization.
- Cloud Continuous Monitoring: Perform Navy Cloud Ecosystem on-going Authorization support to include continuous monitoring, annual reviews, any significant change requests of Cloud offerings or design reviews, recommendations, written reports, and briefings.
- Review, evaluate, and provide analysis in order to develop the Cloud Security Assessment Package in accordance with (IAW) the established guidelines.
- Three (3) years of cybersecurity experience with at least one year of experience conducting SCAs under ICD 503/CNSSI 1253 NIST Cybersecurity Framework, Risk Management Framework (RMF).
- Minimum of one full year supporting cloud environment and experience performing security assessments in a cloud environment (AWS preferred).
- Skill in conducting and reviewing Secure Technical Implementation Guide’s (STIG’s), vulnerability scans (Nessus) for both software (IAVM’s) and applications (SAST & DAST) as well as recognizing vulnerabilities in security systems (e.g., Cloud Environments).
- Knowledge of general attack strategies (e.g., MITRE ATT&CK Framework).
- Knowledge of Independent Verification & Validation (IV&V) of security controls.
- Knowledge of enterprise solutions across multiple cloud operating environments (JWICS, SIPRNET, NIPRNET, and commercial Internet)
- Knowledge of Risk Management Framework (RMF) processes (e.g., methods for assessing and mitigating risk) as well as knowledge of specific operational impacts of cybersecurity lapses (Xacta and eMASS experience preferred).
- Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge of IT and cloud computing security principles and methods (e.g., firewalls, demilitarized zones, encryption, CDS, etc.).
- Knowledge of cloud computing environment security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth, virtualization, containerization, IaaS, PaaS, etc.).
Job Summary
Full Time
IT Outsourcing & Consulting
$94k-117k (estimate)
05/24/2024
06/09/2024
netizencorp.com
ALLENTOWN, PA
<25
2013
Private
MICHAEL HAWKINS
$5M - $10M
IT Outsourcing & Consulting
Related Companies
About Netizen
Netizen is a cybersecurity firm that offers governance, risk and compliance management services for enterprises.
The job skills required for Security Control Assessor include Analysis, Integrity, Confidentiality, etc. Having related job skills and expertise will give you an advantage when applying to be a Security Control Assessor. That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Security Control Assessor. Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for Security Control Assessor positions, which can be used as a reference in future career path planning. As a Security Control Assessor, it can be promoted into senior positions as a Network Security System Analyst, Sr. that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Security Control Assessor. You can explore the career advancement for a Security Control Assessor below and select your interested title to get hiring information.
Similar Jobs
Popular Articles
