
Security Control Assessor Team Lead at ECS Federal

ECS Federal · Washington, United States of America · Onsite

$155,000.00 - $165,000.00


ECS is seeking a Security Control Assessor Team Lead to work in our Washington, DC office.  

 

  • Lead a team of Security Control Assessors (SCA) in the accomplishment of required contract SCA deliverables.
  • Review and update existing information security policy, standards, and procedures based on federal and departmental regulations.
  • Perform independent security and privacy control assessments in support of RMF Assessment & Authorization (A&A).
  • Conduct assessments of existing and new FISMA systems, including subsystems in the respective system boundary, and communicate the results and potential implications of identified control weaknesses.
  • Review and analyze Assessment & Authorization (A&A) packages, including System Security Plans (SSP), Risk Assessments, Information System Contingency Plans (ISCP), Back-up Standard Operating Procedures (SOP), Incident Response Plans (IRP), Configuration Management Plans (CMP), Hardware/Software lists, Network Diagrams, Data Flows, System Change Requests/Proposals, vulnerability scan reports, test reports, and Plan of Actions & Milestones (POA&Ms), for completeness and accuracy, and document the effectiveness of control, plan, and procedure implementation.
  • Create and maintain test cases for security assessment testing and perform security testing at the control-requirement level for each unique component of each system (e.g., application, web application server, financial systems, database server/instance, operating systems, specialized appliances, network and infrastructure devices, and end-user devices such as mobile phones and laptops).
  • Develop and execute a security and privacy assessment plan in accordance with the requirements of NIST SP 800-53A, as amended, for each security assessment project. A&A activities shall include support for RMF steps 4-6.
  • Document and provide findings and recommendations that are concise, system-specific, and actionable.
  • Analyze security tool reports and determine residual risk or false positives from technical reports and artifacts before assigning findings.

 

Salary Range: $155,000 - $165,000

General Description of Benefits
