Security and Privacy Assessment Lead (Hybrid)

*** This position is contingent upon contract award ***

TekSkope is seeking a highly qualified and motivated Security and Privacy Assessment Lead to join our team.

Responsibilitiesinclude, but are not limited to:

- Lead the assessment team to ensure consistency in processes across all assessments

- Ensure all requirements for assessment in compliance with NIST are being met for client’s IT Systems.

- Lead the Security and Privacy control assessment team and conduct independent comprehensive assessments of the management, operational, and technical security/privacy controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls.

- Support activities for Assessment and Authorization (A&A) of new systems, and Information Security Continuous Monitoring (ISCM), in compliance with NIST SP 800-53 controls within the Risk Management Framework (NIST SP 800-37)

- Develop and maintain assessment process documentation including Security and Privacy Control Assessment Methodology, Information Security and Privacy Continuous Monitoring Methodology, and Security and Privacy Control Assessment SOP

- Prepare assessment reports documenting the findings and recommendations from the Security and Privacy Control Assessment

- Provide audit support and manual testing of Secure Baseline Configuration Guides

- Document Security and Privacy Control Assessment lessons learned and trend analyses

Qualifications

· One certification required: CISSP, CISA, ISC2 Certified Authorization Professional (CAP), or GIAC Systems and Network Auditor (GSNA)

· At least 5 years’ experience working with NIST RMF and NIST 800-53

· Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

· Proven experience working as an assessor/ISSO, with operating systems, databases, assessments, POA&Ms and web applications

· Must be able to work at client site in Washington DC at least 2 days per week. (Hybrid – Remote + 2 days client site)

Job Type: Full-time

Benefits:

• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

Experience level:

• 5 years

Schedule:

• 8 hour shift
• Monday to Friday

Experience:

• Security Assessment: 5 years (Preferred)
• NIST RMF: 5 years (Preferred)

License/Certification:

• CISSP or CISA, or CAP, or GSNA (Preferred)

Ability to Commute:

• Washington, DC 20005 (Preferred)

Ability to Relocate:

• Washington, DC 20005: Relocate before starting work (Required)

Work Location: Hybrid remote in Washington, DC 20005