Security Controls Assessor
Columbia , MD 21045
Education and Clearance
- BS and 9 Years experience
- 8570 IAT II (Sec+, CCNA Security)
- TS/SCI FS poly
: This team is built to work with customers preparing for certification and accreditation. They help by tailoring vulnerability scanning tools and automated hardening scripts designed to help take the load off customer working with systems to secure and prepare for certification and accreditation. This team consists of Unix, Windows and Application subject matter experts. They research and gather data to support compliance baselines and security questions.Day to day activities:
Your day to day duties would include researching and troubleshooting security or compliance related questions. Creating baselines for new and upcoming OS's or applications and creating a test environments to help support testing including modifying audit file variables. Your team would consist of roughly 7-10 individuals.Additionally, duties may include:
Conducting verification and validation for security compliance of all information systems, products, and components.
Working with SCAP and XML data used for security testing.
Analyzing documentation, configuration practices and procedures and operational practices and procedures
Providing identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance.
Providing mock vulnerability assessment of systems
Providing process improvement recommendations
Assisting the government to draft standards and guidelines for usageDesired skills:
Experience in security testing or security engineering
Experience with Windows or Unix systems
Experience using vulnerability scanning technologies.
Experience working both individually and as a team.What makes a great employee for this position?
Our best team members consist of knowledgeable system administrators who have taken the next step to learn how to secure their systems. Having knowledge about the baseline system and its configuration settings goes a long way. Working security into a functioning system can be challenging and system administrators have a good understanding of the repercussions hardening a system can have on its functionality.