Security Assessor - Senior
Company: Zermount Inc.
Posted on: January 16, 2022
Design, develop, engineer, and implement solutions. Perform
complex risk analyses which also include risk assessment. Establish
and satisfy information assurance and security requirements based
upon the analysis of user, policy, regulatory, and resource
demands. Support customers at the highest levels in the development
and implementation of doctrine and policies. Apply know-how to
government and commercial common user systems, as well as to
dedicated special purpose systems requiring specialized security
features and procedures. Perform analysis, design, and development
of security features for system architectures.
- Assess all applicable security controls defined in the
mandated DHS Compliance tool and applicable to the systems under
- Complete a FIPS-199, Privacy Threshold Analysis (PTS),
E-Authorization, Contingency Plans (CPs), Contingency Plan Tests,
- Develop the SA Package documentation to include Security
Assessment Plans (SAP), Security Assessment Reports (SAR), ATO
Letters, ATO Recommendation Memo, Risk Assessment Memos, CFO
Designation Memo, POA&M finding matrices, Executive Data Sheet
(EDS), OA artifacts, etc.
- Gather evidence for ATO efforts and store results in the
mandated DHS Compliance Tool and/or in a separate customer
- Review for upgrades and provide recommendation on whether this
will result in major or minor changes and overall cybersecurity
impact and utilize tools for tracking of changes.
- Provide recommendations for refining and/or improving existing
RMF processes and procedures and support implementation of these
- Analyze IT specifications to assess security risks. Design and
implement safety measures and data recovery plans. Secure
- Inspect customers' systems for vulnerable points of access.
Monitor network activities and communicate them to teams.
- Knowledge of NIST Guidelines and FISMA Cybersecurity compliance
requirements. Technical knowledge of IT systems.
- Knowledge of and experience using relevant cybersecurity and
analysis tools such as Archer, Nessus Security Center, Splunk,
- Experience communicating effectively, both oral and written,
with technical, non-technical, and executive-level customers.
- Proven experience as a Computer Security Specialist.
- Programming skills are preferred.
- Familiarity with security frameworks e.g. NIST Cybersecurity
framework and risk management methodologies.
- Knowledge of patch management, firewalls and intrusion
- Familiarity with public key infrastructure (PKI) and
cryptographic protocols e.g. SSL/TLS.
- An analytical mind with excellent problem-solving ability.
- Outstanding communication and organization skills.
- Decision-making skills.
Years of experience or Education requirement: Education: Bachelor's
preferable, but professional experience is permitted:
- 7 years minimum of IT Cybersecurity experience including direct
support of the US government and 4 years acting as an ISSO,
assessor, or compliance analyst OR
- A relevant Bachelor's degree in IT, Computer Science or
engineering with 5 years of IT cybersecurity experience including
direct support for the US Government and 4 years acting as an ISSO,
assessor, or compliance analyst
Certifications and Training (Required): At least one of the
following security certifications:
- Certified Authorization Professional (CAP)
- Certified Information Systems Security Officer (CISSO)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Must have at least a Secret Level Security Clearance.
Work Location: Remote is authorized and the location of performance
is Springfield, VA, Annapolis Junction, MD and Freedom Center in
Herndon, VA. Travel between the performance location and the remote
location is not reimbursed.