Security Control Assessor (SCA) ENGINEER - Security

Security Control Assessor (SCA)
ENGINEER - Security

McLean, Virginia

Direct Hire

Apr 8, 2024

Job #: 9223

Location Options: Mclean, VA and Bethesda, MD

The candidate will be working as a Security Control Assessor to develop and documents security evaluation test plans and procedures. The candidate will support testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation.

Responsibilities:

• Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.

• Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team. Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation including system level attacks and user level attacks.

• Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
• Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
• Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities, and providing security remediation.

Job Requirements:

• Bachelor degree in Computer Science, Engineering or other related disciplines
• Active TS/SCI with polygraph clearance
• Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)
• Strong understanding of the Assessment and Authorization (A&A) process
• Demonstrated experience conducting hands on security testing, analyzing results, documenting risks, and recommending countermeasures.
• Demonstrated experience developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations, and instructions.
• Demonstrated experience providing threat analysis based on identified security vulnerabilities.
• Develops and documents security evaluation test plans and procedures.

As an ideal candidate, you will have the following skills:

• Certifications: CASP, CCNP Security, CISA, CISSP, GCED, or GCIH

Bogart Associates is an equal opportunity and E-Verify employer. All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran