Finde einen Job 
Finde eine Ausbildung 
Top Arbeitgeber 
Top Universitäten 
Für Unternehmen Auf einen Blick
- Aufgaben: Perform technical assessments to identify cybersecurity weaknesses in information systems.
- Arbeitgeber: Join a fully remote team dedicated to enhancing cybersecurity measures.
- Mitarbeitervorteile: Enjoy the flexibility of remote work and opportunities for professional growth.
- Warum dieser Job: Make a real impact in cybersecurity while working in a fast-paced, collaborative environment.
- Gewünschte Qualifikationen: Must have 4+ years of NIST Security Control Assessor experience and strong communication skills.
- Andere Informationen: Requires a bachelor's degree in computer science and relevant certifications like CISSP or CISM.
Das voraussichtliche Gehalt liegt zwischen 54000 - 84000 € pro Jahr.
All Jobs > TA7 – 10R INFORMATION ASSURANCE SENIOR SECURITY SPECIALIST ASSESSMENT
TA7 – 10R INFORMATION ASSURANCE SENIOR SECURITY SPECIALIST ASSESSMENT
Fully Remote
Description:
Support in identifying cybersecurity deficiencies in information systems by performing technical assessments of assigned systems and applications to determine the severity of weaknesses; Supports the Security Authorization (SA) and Continuous Monitoring (CM), Risk Management Framework (RMF) process. Results of the assessments will be documented in the MGMT compliance tool, (e.g., IACS, CSAM, etc.), utilizing a standard report format with the results and findings from the assessment, along with recommended mitigations.
Duties/Responsibilities:
- Create, manage, and utilize Assessment Standard Operating Procedures and Testing Templates.
- Create, manage, and utilize Assessment Guides and Training Material documents.
- Create, manage, and utilize Check-Point Reviews to determine system readiness for assessments.
- Manage Assessment Entrance Conference Briefing.
- Draft Security Assessment Report (SAR) for stakeholder review.
- Manage Assessment Exit Conference Briefing.
- Create Final Security Assessment Report.
- Develop and maintain an overall Security Assessment Schedule.
- Develop testing artifacts for each system.
- Update and maintain all testing templates and Standard Operating Procedures (SOP).
- Create Assessment Guides to assist stakeholders in preparing for upcoming assessments.
- Conduct and/or review vulnerability scans and system architecture.
- Provide advisement and recommendations for assessment and security best practices.
- Arrange for physical access to the system if applicable.
- Conduct an Assessment Kick-off meeting.
- Conduct check point reviews prior to the planned assessment date.
- Conduct an assessment entrance conference.
- Execute the assessment through the review of system security documentation.
- Document results in the draft Security Assessment Report (SAR).
- Conduct an assessment exit conference.
- Produce the Final SAR based on exit conference results.
- Collect and securely store all final materials and media.
Requirements:
Experience: (MUST HAVE):
- At least 4 years of NIST Security Control Assessor (SCA) experience.
- Must have led Assessment teams from planning through execution and finalization of an assessment.
- Capable of performing in a fast-paced environment.
- Strong communication skills both verbally and in written form.
- Mastery of control assessment requirements based on the NIST 800-53A.
- Technical expertise in assessing environments such as Applications, Operating Systems, Databases, Appliances, Cloud Environments, and Physical environments.
- In-depth understanding of Nessus scan reports and identifying vulnerabilities.
- Proficient technical writing skills for control findings and assessment documentation.
- Extensive experience conducting assessment interviews.
- Work well within and lead teams with a positive attitude.
- Deep knowledge of Security Control testing and validation.
- CSAM experience.
- Working knowledge of DHS 4300 Policy.
Experience/Years of Relevant Experience:
- At least 1 year of Splunk experience or Splunk certification.
- Required Experience: 8 years.
Education/Certificates:
- Required Education: bachelor’s degree in computer science or related field.
- Certification: CISSP, CISM, CRISC, or CSSP.
#J-18808-Ljbffr
TA7 - 10R INFORMATION ASSURANCE SENIOR SECURITY SPECIALIST ASSESSMENT Arbeitgeber: Softek International
Kontaktperson:
Softek International HR Team
StudySmarter Bewerbungstipps 🤫
So bekommst du den Job: TA7 - 10R INFORMATION ASSURANCE SENIOR SECURITY SPECIALIST ASSESSMENT
✨Tip Number 1
Make sure to familiarize yourself with the NIST 800-53A control assessment requirements. This knowledge will not only help you understand the expectations of the role but also demonstrate your expertise during interviews.
✨Tip Number 2
Highlight your experience in leading assessment teams. Be prepared to discuss specific examples where you successfully managed assessments from planning to execution, as this is a key requirement for the position.
✨Tip Number 3
Brush up on your technical writing skills. Since you'll be drafting Security Assessment Reports, showcasing your ability to clearly document findings and recommendations will set you apart from other candidates.
✨Tip Number 4
If you have experience with tools like Nessus and Splunk, be ready to discuss how you've used them in past assessments. This practical knowledge will be crucial in demonstrating your technical expertise during the interview process.
Diese Fähigkeiten machen dich zur top Bewerber*in für die Stelle: TA7 - 10R INFORMATION ASSURANCE SENIOR SECURITY SPECIALIST ASSESSMENT
Tipps für deine Bewerbung 🫡
Understand the Role: Make sure to thoroughly read the job description for the Information Assurance Senior Security Specialist position. Understand the key responsibilities and required skills, especially those related to NIST Security Control Assessor experience and technical writing.
Tailor Your Resume: Customize your resume to highlight relevant experience, particularly your NIST SCA experience and any leadership roles in assessment teams. Use specific examples that demonstrate your expertise in cybersecurity and technical assessments.
Craft a Strong Cover Letter: Write a compelling cover letter that connects your background to the job requirements. Emphasize your communication skills, technical expertise, and experience with security assessments, as well as your ability to work in fast-paced environments.
Highlight Certifications: Ensure that your application clearly lists your relevant certifications such as CISSP, CISM, CRISC, or CSSP. These credentials are crucial for this role and should be prominently featured in your documents.
Wie du dich auf ein Vorstellungsgespräch bei Softek International vorbereitest
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with NIST Security Control Assessments in detail. Highlight specific projects where you led assessment teams and the methodologies you used, especially focusing on NIST 800-53A.
✨Demonstrate Strong Communication Skills
Since this role requires extensive communication, practice articulating your thoughts clearly. Be ready to explain complex security concepts in a way that stakeholders can understand, showcasing both your verbal and written communication skills.
✨Prepare for Vulnerability Discussions
Familiarize yourself with common vulnerabilities and how to interpret Nessus scan reports. Be ready to discuss how you would address these vulnerabilities in a real-world scenario, demonstrating your problem-solving skills.
✨Emphasize Team Leadership Experience
Share examples of how you've successfully led teams in high-pressure environments. Discuss your approach to fostering a positive team atmosphere while ensuring that assessments are completed efficiently and effectively.
