IOMAXIS is a technology engineering company that is recognized for our innovative solutions and unparalleled engineering expertise across a wide variety of technologies. Apply innovative thinking to projects that are difficult to solve. We are seeking experienced Security Control Assessors at multiple levels of experience and who thrive in a challenging environment to join our Ingressive division in a full-time capacity supporting operations out of Arlington, VA. Interviewing now!
Regarding the duties of this role, the Security Control Assessor:
-Leads RMF assessment, authorization, and monitoring steps for systems following NIST and ICD 503 standards and best practices
-Participates in RMF process providing A&A support
-Reviews policies, procedures, and documentation maintained by NSD as required by security controls
-Serves as principal security advisor on risk matters, technical and otherwise
-Performs host, network, cloud, and application-based security control assessments
-Conducts comprehensive assessment of the management, operation, and technical controls to determine overall effectiveness of controls
-Develops standard operating procedures, security test plans, assessment schedules, assessment results, and recommendations, and provides expert technical support for potential targets before and after the assessment
-Develops and maintains SCA documentation
-Develops BOE Guidance, ROE, SAP, and Assessments
-Provides assessment support and site visits
-Evaluates information system security readiness and supports cybersecurity functions
-Prepares the security authorization package documenting the findings, and recommendations from the SCA.
-Provides all documentation developed to support assessment, artifact collection, findings, analysis, conclusions, management recommendations, and report
-Develops SCTM, test procedures, RAR, SAR, POA&M
-Develops summary findings report based on recommendations
-Makes final recommendation to the Government on the risk posture of the system and its ability to mitigate the risks associated with performing its mission
-Provides technical briefings, findings, vulnerabilities, and penetration results with analysis, conclusions, and recommendations to stakeholders
-Performs annual assessments that support the continuous monitoring strategy for all systems with ATO
For Level I: At least 2-years of penetration testing and vulnerability assessment experience
For Level II: At least 5-years of penetration testing and vulnerability assessment experience
For Level II: At least 7-years of penetration testing and vulnerability assessment experience
Required Technical Experience/Qualifications/Skills:
-Possess at least one of the following certifications: Cisco Certified Network Associate (CCNA)-Security, GIAC Security Essentials Certification (GSEC), Certified Information Systems Auditor (CISA), GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), ISC2 CISSP, CompTIA Advanced Security Practitioner
-Ability to support technical analysis and documenting and presenting reports
-Must be able to support travel requirements within the National Capital Region (NCR) and Continental United States (CONUS) (upwards to 25%)
Strongly Desired Skills:
-Prior DHS cybersecurity experience
-Positions require an active Top Secret Clearance w/ SCI eligibility and DHS Suitability
WHY IOMAXIS: Unleash your potential and make a dramatic impact!
Over the past 10 years, IOMAXIS has advanced the state of Cyber RDT&E by bringing together the best software, hardware, and communications experts in the industry to help Federal agencies and organizations develop critical solutions for difficult missions around the globe. Today, we’re proud to say the most important Federal clients rely on our solutions to perform their missions by developing solutions faster, reducing complexity, cutting costs, and providing a profound level of innovation. IOMAXIS helps our customers deliver exceptional value to their client, America and its people. IOMAXIS leads the industry in developing superior services and technologies, delivering actionable capabilities and insight— right when customers need it most.
IOMAXIS is an Equal Opportunity Employer and considers all qualified applicants for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability or protected veteran status.