Security Assessor

US-NM-Albuquerque
Job ID
2017-1242
# of Openings
3
Category
Cyber Security
Clearance Level
None

Company Description

Spry is a certified Small Disadvantaged Business (SDB) headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.

Overview

The Security Assessor/Analyst provides Information Security Risk Management support to the Office of Special Trustee in DOI.

Job Responsibilities and/or Success Factors

  • Strong working knowledge of IT Security requirements, technical security countermeasures, risk managements processes, contingency planning, and secure data communications
  • Experience conducting full cycle Security Assessments & Authorizations (SA&A)
  • Testing will include network, system, application and NIST control testing from  administrative and technical perspectives
  • Experience analyzing vulnerability scans and interpreting risks and employing manual checks to validate vulnerability data
  • Be able to assist DOI with understanding risk and providing risk mitigation
  • Will create Security Assessments Plans, Reports, and POA&Ms
  • The security assessment team conducts documentation reviews, inspections, and interviews with key personnel knowledgeable/ responsible for the various controls
  • Personnel interviewed are asked to show evidence of compliance, demonstration security features, provide access to (or screenshots  of) configuration files and system logs, and perform tests
  • The determination of compliance will be based upon responses to questions and analysis of supporting evidence. Screenshots, logs, or other forms of evidence provided may be uploaded of CSAM in support of the assessment results
  • Knowledge of CSAM is a plus

Required skills and experience include

  • At least 5 years experience
  • Bachelor's Degree or 4 years of specialized experience
  • Strong security assessor background
  • Must understand the Risk Management Framework (RMF) process
  • Security Certifications: CISSP or CAP

EEO Statement

At Spry, we believe talented and dedicated employees are our most valued assets and the foundation of our success. We are committed to crafting a diverse and inclusive workplace that endorses engagement, creativity, quality and innovation.

 

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed