Job Description
Apply Here: https://secure.onehcm.com/ta/ISSE.jobs?ShowJob=587363969&TrackId=ZipRecruiter
The candidate will provide continuous information technology (IT) testing and assessment services on the State Controller’s Office (SCO) systems, applications, and network. IT testing and assessment services shall also include consulting services, as the Contractor shall work directly with SCO in determining remediation and follow-up IT testing and assessments. All services provided shall ensure SCO is compliant with SCO’s Security Compliance Standard as determined by SCO Security Standard Assessments.
Familiarity with:
NIST SP 800-37 - Guide for Applying the Risk Management Framework (RMF) to Federal Information Systems rev2 2.0.
NIST SP 800-39 - Managing Information Security Risk.
NIST SP 800-171 - Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations 2.0.
NIST SP 800-218 - Secure Software Development Framework (SSDF) 1.1.
Cybersecurity Framework (CSF) 1.1.
NIST SP 800-53A Revision 5: Assessing Security and Privacy Controls in Information Systems and Organizations.
Federal Information Processing Standards (FIPS) 199 for Security Categorization of Federal Information and Information Systems.
Full-time, experienced penetration tester providing support both on-site and remotely.