TestPros, Inc. ยท 4 months ago
Security Controls Assessor - Part time & Remote
United States
Full-time, Part-time
Remote
Mid, Senior Level
5+ years expTestPros, Inc. is a growing business providing IT technical support services to various clients, including U.S. Federal and State governments. They are seeking an experienced Cyber Security professional to perform risk management programs and compliance assessments using NIST frameworks, specifically focusing on NIST 800-53 Rev 5 for Authority To Operate (ATO) support.
Cyber SecurityInformation TechnologyQuality Assurance
Responsibilities
Develop NIST 800-53 Rev5 based System Security Plan (SSP)
Create/Update the applicable documents identified by NIST 800-53 Rev 5, specifically the Security Assessment Report (SAR)
Create/Update the associated Plan of Actions and Milestones (POA&M)
Provide detailed security-related reports including data, analyses, and conclusions upon completion of tests, scans, and assessments, including mitigations and, if indicated, appropriate escalation of identified risks and vulnerabilities
Verify and document the implementation of security controls necessary to achieve compliance
Keep management apprised of impending areas of concern, verbally and in writing
Review and develop System Security Plans (SSPs), Plans of Actions and Milestones (POA&Ms), and as well as other necessary artifacts
Facilitate the Plan of Actions and Milestones (POA&M) program to ensure customer systems have accurately and fully provided information for POA&M activities to include valid remediation of findings
Develop various policy documents (SOPs/CONOPs) as required. This may include policies regarding Configuration Management, IS Sanitization, Media Security, Password Policy, Business Continuity, Continuity of Operations, Incident Response, Disaster Recover, and Security Assessments
Develop new, and mature existing information security and risk policies
Initiate, and lead on-going information security maturity assessment processes and training, using industry accepted frameworks and implement into the overall cyber security posture
Produce and review key performance indicators for implemented security measures and distribute KPIs
Maintain knowledge of threat landscape by monitoring threat intelligence, and other related sources
Qualification
Required
5+ years of directly related experience in IT security compliance, including recent experience with NIST 800-53 Rev 5 'Security and Privacy Controls for Federal Information Systems and Organizations'
Cloud computing security
Security governance and policy
Security risk analysis
Auditing and monitoring systems
Scanning and vulnerability management systems
Advanced Malware Protection
Threat Intelligence
Incident Management - analysis, detection, and handling of security events
Penetration testing and associated tools (e.g., nmap, Metasploit, etc.)
Preferred
Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training, or work experience
Military and/or practical job experience may be considered in-lieu of formal education, with significant industry certifications
Benefits
Medical/dental/vision insurance
Life insurance
Paid time off
Paid holidays
401(k) retirement plan with company match
Opportunities for professional growth
Cell phone discounts
And much more!
Company
TestPros, Inc.
TestPros brings the latest relevant software life-cycle process methodologies, process improvement methods, test/QA methodologies, tools and industry best-practice knowledge to our customers.
51-200 employees
Funding
Current Stage
Growth StageLeadership Team
Kevin Murray
President. & CEO
Company data provided by crunchbase