Independent Assessor
Job Summary
Conducts independent comprehensive assessments of the management, operational, and
technical security controls and control enhancements employed within or inherited by an
information technology (IT) system to determine the overall effectiveness of the controls (as
defined in NIST SP 800-37). Develops Baseline and Risk Assessments (BARA) for new
applications/capabilities deployed to the environment. Supports all phases of the RMF Process
to include the Prepare, Categorize, Select, and Implement tasks associated with system security
plan development.
Key Skills & Experience
- Four (4+) years of experience performing security assessments and/or audits (both
technical and documenting) on information systems.
- Demonstrated experience in determining how a security system should work, including
its resilience and dependability capabilities.
- Demonstrated experience in discerning the protection needs of information systems,
networks, and platform information technology.
- Demonstrated experience in applying the principles of confidentiality, integrity, and
availability.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating
risk).
- Knowledge of national and international laws, regulations, policies, and ethics as they
relate to cybersecurity.
- Knowledge of cybersecurity principles, cyber threats, and vulnerabilities.
- Knowledge of computer networking concepts and protocols, and network security
methodologies.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of cloud computing service models: Software as a Service (SaaS),
Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
- Knowledge of cloud computing deployment models in private, public, and hybrid
environments and the difference between on-premises and off-premises environments.
Education, Certifications, & Credentials:
- Bachelor of Science (BS) Degree in Computer Science, Information Technology (IT),
Cybersecurity, or Engineering related field.
- Minimum IAM II Certification: CAP, CASP+ CE, CISM, CISSP, GSLC, CCISO, HCISPP
- Active TS/SCI clearance w/CI Poly required.
*All duties and responsibilities are not captured in this job description. To find out more, please
reach out to the recruiter for this role*