ECS is seeking a Security Control Assessor with 5+ years of Cybersecurity experience, to work Remotely. Please Note: This position is contingent upon contract award.
Salary Range: $90,000 – $115,000
General Description of Benefits
Qualifications- Strong written and verbal communication skills.
- Strong communication ability across all levels of management.
- Experience in planning and completing assessments independently and or with a team of security control assessors
- Three (3)+ years’ experience supporting security assessment teams is required.
- Experience in presenting control requirements and deficiencies to both technical and non-technical audiences.
- Experience performing detailed, full-scope technical security control testing for each of the component types, including development of security and privacy assessment plans is required.
- Ability to analyze information system configurations and technical specifications against NIST SP 800-53 and other overlays
- Possesses a strong understanding of the NIST Special Publication 800-53 security and privacy controls, the NIST Cybersecurity Framework and other information security and privacy laws and regulations.
- Experience with development and writing of risk-based assessments and documentation.
- Experience with Power automate, Power BI, & Microsoft Project Online.
- Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
- Experience with cloud technology offerings from AWS and Azure and assessing systems hosted within those environments.
- Experience performing assessment in accordance with the policies, procedures, and standards of the Office of Management and Budget (OMB), the National Institute of Standards and Technology (NIST), and Treasury.
- Certifications/Licenses:
- Bachelor’s degree or higher in Computer Science’s, MIS/IT, Engineering, Information Security/IA, or related discipline to work requirement
- Five (5)+ years of Information Security experience required.
- Two (2)+ years of experience with the use of eGRC tools.