Security Assessor

TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role involves conducting comprehensive assessments, identifying vulnerabilities and security risks, and working with IT and development teams to recommend and validate remediation strategies. The ideal candidate possesses a deep understanding of cybersecurity principles, risk management frameworks, and the ability to communicate complex information clearly to technical and non-technical stakeholders.

Key Responsibilities

·         Conduct Security Assessments: Perform in-depth evaluations and testing of management, operational, and technical security controls across various systems, networks, and software applications.

·         Identify Vulnerabilities and Risks: Utilize assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document findings, and assess the severity of risk.

·         Documentation and Reporting: Prepare detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms), for identified weaknesses and deficiencies.

·         Ensure Compliance: Verify and validate that systems and processes meet established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP).

·         Remediation and Collaboration: Collaborate with system owners, IT teams, and developers to recommend corrective actions, provide guidance on secure practices, and ensure the proper implementation of mitigation strategies.

·         Continuous Monitoring: Support the development and implementation of a continuous monitoring strategy and assess proposed changes to information systems that could affect their security posture.

Stay Current: Monitor and analyze security trends, threats, and new technologies to stay updated on emerging risks and mitigation techniques.

·         Education: A Bachelor's degree in Computer Science, Information Security, Information Systems, or a related field, or equivalent work experience.

·         Experience: A minimum of 3-5 years of experience in cybersecurity, risk management, or security assessment/auditing roles.

·         Technical Knowledge: Strong knowledge of cybersecurity principles, network protocols, operating systems, and web application security.

·         Frameworks and Guidelines: In-depth understanding and practical experience with security frameworks and guidelines such as the NIST 800-series (e.g., RMF, NIST 800-53/53A, FIPS), ISO 27001, or similar.

·         Assessment Tools: Proficiency in using security assessment and vulnerability scanning tools (e.g., Nessus, Burp Suite, OWASP ZAP).

·         Analytical Skills: Excellent problem-solving, analytical, and critical thinking skills with strong attention to detail.

·         Communication: Strong written and verbal communication skills to prepare reports, present findings, and advise diverse stakeholders effectively.

Preferred Certifications

·         Certified Information Systems Security Professional (CISSP)

·         Certified Information Security Manager (CISM)

·         Certified Authorization Professional (CAP)

·         Certified Information Systems Auditor (CISA)

·         Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) (if applicable to the specific role's focus on penetration testing)

Qualified Security Assessor (QSA) (for roles specifically focused on PCI DSS compliance).

At TLA, we build solutions that matter—supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission-focused outcomes for our customers.

We offer a competitive and comprehensive benefits package including:

• Competitive salary and performance bonuses
• Medical, dental, and vision coverage
• Paid time off and federal holidays
• 401(k) with company match
• Education and certification reimbursement
• Training and professional development opportunities
• Employee referral bonuses and team events

TLA is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.