Information Assurance/Security Analyst II/ Security Control Assessor at Sprymethods

Federal Prisons Industries maintains a defense-in-depth security environment that provides successive security controls as a person progresses through the security architecture. The Federal Prisons Industries maintains firewalls, intrusion detection systems, managed security services, and anti-virus/anti- spyware on the desktop. Laptops are encrypted for protection of data, Web traffic is filtered, and a security event/log management has been deployed. Federal Prisons Industries maintains a vulnerability management program that is used to perform multiple scans each month and operates a mature process for ensuring that identified vulnerabilities are analyzed, reported, and addressed.A security controls assessor (SCA) evaluates the security controls within network systems to identify vulnerabilities and recommends actions to correct problems, working alone and as part of a team. Your duties begin with conducting an in-depth assessment of the management, operations, and technical security controls. You then document a plan to address vulnerabilities and continue to monitor the security of network systems.

Requirements

Must have 2+ years of experience

Hold at least one of the following certifications: CompTIA Security+ certification Certified Ethical Hacker (CEH), CompTIA Advanced Security Practitioner (CASP or CASP+), Certified Information Systems Auditor (CISA), or Certified Information Systems Security Professional (CISSP).

Must have a college degree in an IT related field of study.

Must be familiar with the Risk Management Framework (RMF) and the NIST 800-53 Rev 5 controls.

Must have experience using CSAM or other RMF approved system of record.

 Must analyze information and prepare reports describing the vulnerability level of the network with specific details as to what compromises data systems.

Apply Now