Posted today
Secret
Mid Level Career (5+ yrs experience)
$125,000 - $140,000
No Traveling
IT - Security
Aberdeen Proving Ground, MD (On-Site/Office)
Cybersecurity Technical Auditor
POSITION: Cybersecurity Technical Auditor
LOCATION: Aberdeen Proving Ground, MD
SCOPE: Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC).
RESPONSIBILITIES:
• Secure Code Review
• Utilize HP Fortify to examine code scan results submitted by developers.
• Identify and verify noted false positives
• Provide comments on scan results and vulnerabilities present, recommend POA&M mitigations.
• Software and Hardware Assessments
• Install software on isolated VM and assess software against 800-53 controls and AS&D STIG
• Utilize Wireshark and Attack surface analyzer to assess software traffic and connections
• Assess Hardware against named STIG or SRG
• Document assessment results and potential mitigations
• Assist with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations
• STIG checklist reviews for packages managed by the branch
• Auditing of technical controls within eMASS.
QUALIFICATIONS:
• Bachelor’s Degree in directly related field and at least 5 years of relevant experience; Relevant work experience may be substituted for Bachelor’s degree
• Must hold one of following certifications:
◦ CSSP-AU
◦ CISA
◦ IASAE
◦ CASP+CE, CISSP or associate, CSSLP
• Must possess DOD 8570.01-M certifications meeting the requirements for IAT Level II or IAM Level I.
• Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
• Specialized experience in AS&D STIG compliance, secure software development/testing, static and dynamic code analysis, software assurance, software assessments, application threat modeling, performing software and hardware risk and vulnerability analysis, or a closely related function, such as technical assessment of software for networks, applications and systems; using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, and other software assurance tools.
SECURITY CLEARANCE:
• Ability to obtain/maintain Secret clearance is required
POSITION: Cybersecurity Technical Auditor
LOCATION: Aberdeen Proving Ground, MD
SCOPE: Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC).
RESPONSIBILITIES:
• Secure Code Review
• Utilize HP Fortify to examine code scan results submitted by developers.
• Identify and verify noted false positives
• Provide comments on scan results and vulnerabilities present, recommend POA&M mitigations.
• Software and Hardware Assessments
• Install software on isolated VM and assess software against 800-53 controls and AS&D STIG
• Utilize Wireshark and Attack surface analyzer to assess software traffic and connections
• Assess Hardware against named STIG or SRG
• Document assessment results and potential mitigations
• Assist with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations
• STIG checklist reviews for packages managed by the branch
• Auditing of technical controls within eMASS.
QUALIFICATIONS:
• Bachelor’s Degree in directly related field and at least 5 years of relevant experience; Relevant work experience may be substituted for Bachelor’s degree
• Must hold one of following certifications:
◦ CSSP-AU
◦ CISA
◦ IASAE
◦ CASP+CE, CISSP or associate, CSSLP
• Must possess DOD 8570.01-M certifications meeting the requirements for IAT Level II or IAM Level I.
• Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
• Specialized experience in AS&D STIG compliance, secure software development/testing, static and dynamic code analysis, software assurance, software assessments, application threat modeling, performing software and hardware risk and vulnerability analysis, or a closely related function, such as technical assessment of software for networks, applications and systems; using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, and other software assurance tools.
SECURITY CLEARANCE:
• Ability to obtain/maintain Secret clearance is required
group id: 10124333
