JobTarget Logo

Junior Security Control Assessor (On-Site) in Washington, District of Columbia at Crest Security Assurance

NewSalary: $117000 - $123000Job Function: Safety
Crest Security Assurance
Washington, District of Columbia, 20551, United States
Posted on
New job! Apply early to increase your chances of getting hired.

Explore Related Opportunities

Job Description

REQUIREMENTS:

At least 2 of experience performing the functions associated with this labor category.

  1. Experience performing control assessments as part of a team in accordance with applicable NIST standards (NIST 800-53, Rev 5, or newer version, as applicable).
  2. Experience preparing control assessment plans, executing technical and non-technical assessments actions, evaluating the risk associated with areas of deficiency, and documenting detailed findings and executive-level summaries of assessment results.
  3. Experience briefing stakeholders on key findings, recommendations, risks, and impacts.
  4. Experience providing direct support of information security compliance activities, including managing plans of actions and milestones (POA&Ms) and inventories of information systems.
  5. Understanding of relevant laws and regulations, such as NIST guidance and OMB memoranda. This includes knowledge of the NIST Risk Management Framework and familiarity with key publications like NIST SP 800-37, 800-53, and 800-171.
  6. Experience conducting security assessments on federal systems.
  7. Experience assessing and mitigating risks associated with cybersecurity and data privacy.
  8. Experience developing and implementing compliance programs, conducting risk assessments, and advising on compliance-related issues.
  9. Experience with the system Authorization to Operate process, including understanding the documentation required, the levels of approval needed, and the most effective ways to manage this process within a federal environment.
  10. Basic understanding of procurement processes and contract language requirements for federal mandates.
  11. Experience communicating complex regulatory and compliance information in a clear and concise manner.
  12. Experience tracking and reporting on training and awareness program performance, including calculating metrics to help measure the effectiveness of security, privacy, and social engineering training.

RESPONSIBILITIES:

The candidate shall provide support for the customer’s security compliance program that includes, but is not limited to, the following tasks:

• Work with system owners, support teams, developers, vendors, and other stakeholders as necessary to conduct control assessments.

• Ensure that plans of action and milestones (POAMs) are properly tracked, managed, and remediated.

• Assist with inventory management for security and privacy assets.

• Support training and awareness activities by developing metrics and producing reports on program effectiveness.

• Assist with the design and implementation of an authorization process that aligns with NIST standards, ensuring that new systems or significant changes to existing systems undergo proper security assessments before being authorized for operation with the environment.

• Assist with the development of a detailed security assessment framework based on NIST standards, identifying the appropriate tools, techniques, and metrics for evaluating the security of systems and applications.

• Conduct security assessments, identify vulnerabilities, document findings, and propose remediation strategies to address any identified security gaps

PLACE OF PERFORMANCE:

The selected candidate shall work on-site in the Board's Washington, DC premises 5 days per week.

CITIZEN STATUS:

US Citizen is required.

PREFERRED CERTIFICATIONS:

Certified Information Systems Security Professional (CISSP)

GIAC Security Essentials Certification (GSEC)

Job Location

Washington, District of Columbia, 20551, United States

Frequently asked questions about this position

Similar Jobs In Washington, District of Columbia

New

Senior Network Engineer

Improvix Technologies
Washington, District of Columbia

Systems Operation Administrator III

Olgoonik Corporation
Washington, District of Columbia

Badge Office Analyst (Security Support Specialist I)

Excalibur Associates Inc
Washington, District of Columbia

Risk Mitigation Specialist Expert TS SCI w/Poly

General Dynamics Information Technology
Washington, District of Columbia

Activity Security Representative (ASR) II ~ Washington, DC area

General Dynamics Information Technology
Washington, District of Columbia

Apply NowYour application goes straight to the hiring team