Security Controls Assessor - Senior
Agil3Tech (Agil3 Technology Solutions)
A3T (Agil3 Technology Solutions, LLC), one of the fastest growing U.S. companies, specializes in Cybersecurity Operations, IT/Digital Modernization, Emerging Technology, and Professional Services. Join A3T and watch your career soar!
A3T is seeking an experienced Security Controls Assessor to support our critical customer mission. If you are experienced, hard-working and dedicated, apply today!
A3T is seeking a senior-level Security Controls Assessor (SCA) to support our DHS critical customer mission. Our contractor team supports the Chief Information Security Officer (CISO) by facilitating Federal Information Security Modernization Act (FISMA) compliance for all customer IT systems. Compliance support, including testing and engineering services, will ensure that all Information Systems Security Officers (ISSOs) have the necessary information throughout the life cycle of each system. The SCA will be responsible for audits of complex information systems, platforms, and operating procedures in accordance with established government standards for efficiency, accuracy and security.
Partial telework may be authorized based on government approval.
Duties and Responsibilities:
- Evaluates IT infrastructure in terms of risk to the organization and establishes controls to mitigate loss
- Determines and recommends improvements in current risk management controls and implementation of system changes or upgrades
- Develops information systems auditing procedures and trains staff on compliance guidelines
- Monitors procedures and provides top management with reports
- Oversees the Plan of Action and Milestones (POA&M) process.
- Conducts vulnerability assessments and penetration testing for all IT systems
- Performs static code reviews and analysis on software programs
- Oversees a team of IT auditors, testers, and administrators responsible for compliance services
- Knowledge of National Institute of Standards and Technology (NIST) publications applicable to FISMA and other directives.
- Knowledge of continuous monitoring initiatives and encryption standards
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
- U.S. citizen and ability to obtain DHS suitability for Public Trust (government security clearance desired for reciprocity)
- Seven or more (7+) years of IT security assessment experience
- CISSP or CISM
- CAP or CASP or CISA certifications
- (Desired) Bachelor’s degree from an accredited college or university in Cybersecurity, or related IT discipline
Agil3 Technology Solutions (A3T) offers a competitive benefits package to include: paid holidays, paid time off, medical, dental, vision, 401K, company paid long and short term disability and life insurance, referral bonuses, education/certification reimbursement program, and more.
It is the policy of A3T to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations.
A3T maintains a drug-free workplace and performs pre-employment substance abuse testing to include background checks.