The Staffing Resource Group, Inc
http://www.srg-us.com
http://www.srg-us.com
We are currently hiring a Senior Security Controls Assessor (SCA) with a TS/SCI clearance with Full-Scope Polygraph, 8+ years of experience, and IAM Level III certification (CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH, CISM, or GSLC).
Location: Columbia, MD
Industry: Defense
Employment Type: Contract-to-Hire
Salary: Dependent on experience, education, and certifications
Qualifications:
Keywords: Top Secret, TS, TS/SCI, clearance, polygraph, poly, FSP, full-scope poly, Senior Security Controls Assessor, SCA, CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH, CISM, GSLC
EOE/ADA
#clearance
(ID#005)
Senior Security Controls Assessor SCA
Columbia, MD
Posted: 02/15/2019
2019-02-15
2020-01-14
Job Number: JN -022019-10479
Job Description
Senior Security Controls Assessor (SCA) TS/SCI Clearance w/ FS Poly
We are currently hiring a Senior Security Controls Assessor (SCA) with a TS/SCI clearance with Full-Scope Polygraph, 8+ years of experience, and IAM Level III certification (CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH, CISM, or GSLC).
Location: Columbia, MD
Industry: Defense
Employment Type: Contract-to-Hire
Salary: Dependent on experience, education, and certifications
Qualifications:
- Active TS/SCI with Full-Scope Polygraph
- Bachelor s in Information Technology, Security, Network Systems, or related field plus 8+ years of directly related experience or equivalent combination of education, experience, training and certifications
- Certification(s): DoD 8570-1M Change 2 IAT Level III or IAM Level III requirements (CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH, CISM, or GSLC)
- Experience in security or system engineering relating to telecommunications concepts, operating systems, databases/DBMS, middleware, applications, web-servers, SANS/Netaps, Active Directory, firewalls, and controlled interfaces
- Strong presentation, report writing and customer interface skills
- Familiarity with various operations systems such as Microsoft Windows, various versions of UNIX (AIX, Solaris, HPUX, etc), and Linux
- Detailed knowledge of TCP/IP and other major protocols (i.e. NetBEUI, NETBIOS, IPX/SPX) and the inherent weaknesses of the protocols
- Understanding of hacking methodology concerning performing a vulnerability assessment
- Ability to describe a system's avenues of compromise in a network environment and differentiate between various types of network attacks
- An understanding of a typical secure topology and architecture for a site connected to the Internet (i.e. routers, firewalls, web servers)
- Understanding of how to read and interpret a network diagram and identify possible security related concerns
- Conduct a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system)
- Provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities.
- Assess the overall security compliance of the client s information systems by actively analyzing security functions for design weaknesses and technical flaws, determining system vulnerabilities by performing vulnerability assessments, and conducting on-site evaluations
- Conduct verification and validation for security compliance of all information systems, products, and components
- Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures
- Provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance
Keywords: Top Secret, TS, TS/SCI, clearance, polygraph, poly, FSP, full-scope poly, Senior Security Controls Assessor, SCA, CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH, CISM, GSLC
EOE/ADA
#clearance
(ID#005)