Requirement For Sr. Security Assessor

Role: Senior Security Assessor -FAA

Location: Washington, D.C

Duration: 3+ years

Must also possess:

1. Direct experience in NIST security control assessments

2. Direct experience in System Security Plan (SSP) development

3. Direct experience conducting or supporting NIST-based risk assessments

4. Demonstrated success interfacing directly with system owners and executive management levels

5. Demonstrable excellence in written and verbal communications (samples may be requested)

6. A demonstrated consulting mentality, and the professional habit of treating all others as direct customers

7. Demonstrable understanding of basic Information Technology (IT) concepts (such as networking, access control, server functions), as well as cloud concepts

8. Demonstrable understanding of privacy concepts as they apply to security assessment as outlined in NIST’s appendix “J” of 800.53

9. The ability to conduct the following tasks without supervision:

• Conducting Security Control Assessments and testing

• System Security Plan (SSP) Review, Evaluation, Creation

• Plan of Action and Milestones (POA&M)

• Conducting Risk Analysis

• Conducting Risk Assessments

• Security Assessment Report (SAR)

• Risk Assessment Report (RAR)

• SA&A or Security Assessment and Authorization (or C&A)

• Contingency Plan Development or Evaluation

10. Secondary (search terms) areas of interest for this role:

• FedRamp

• CSAM

• FISMA

• NIST

• HP Webinspect

• McAfee Vulnerability Manager

• SCD

Please send me your updated resume with salary expectation if you are interested in this opportunity at javed.chauhan(at)biitservices.com