*** This position is contingent upon contract award ***
TekSkope is seeking a highly qualified and motivated Security and Privacy Assessment Lead to join our team.
Responsibilities include, but are not limited to:
- Lead the assessment team to ensure consistency in processes across all assessments
- Ensure all requirements for assessment in compliance with NIST are being met for the client’s IT systems.
- Lead the Security and Privacy control assessment team and conduct independent comprehensive assessments of the management, operational, and technical security/privacy controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls.
- Support activities for Assessment and Authorization (A&A) of new systems, and Information Security Continuous Monitoring (ISCM), in compliance with NIST SP 800-53 controls within the Risk Management Framework (NIST SP 800-37)
- Develop and maintain assessment process documentation including Security and Privacy Control Assessment Methodology, Information Security and Privacy Continuous Monitoring Methodology, and Security and Privacy Control Assessment SOP
- Prepare assessment reports documenting the findings and recommendations from the Security and Privacy Control Assessment
- Provide audit support and manual testing of Secure Baseline Configuration Guides
- Document Security and Privacy Control Assessment lessons learned and trend analyses
Qualifications
- One certification required: CISSP, CISA, ISC2 Certified Authorization Professional (CAP), or GIAC Systems and Network Auditor (GSNA)
- At least 5 years’ experience working with NIST RMF and NIST 800-53
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
- Proven experience working as an assessor/ISSO, with operating systems, databases, assessments, POA&Ms and web applications
- Must be able to work at client site in Washington DC at least 2 days per week. (Hybrid – Remote + 2 days client site)
Job Type: Full-time
Benefits:
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance
Experience level:
- 5 years
Schedule:
- 8 hour shift
- Monday to Friday
Experience:
- Security Assessment: 5 years (Preferred)
- NIST RMF: 5 years (Preferred)
License/Certification:
- CISSP, CISA, CAP, or GSNA (Preferred)
Ability to Commute:
- Washington, DC 20005 (Preferred)
Ability to Relocate:
- Washington, DC 20005: Relocate before starting work (Required)
Work Location: Hybrid remote in Washington, DC 20005