This listing was posted on ApplicantPro.
Mid Cyber Security Engineer/Analyst
Location:
Quantico, VA
Description:
Sedulous is a cyber security consulting firm helping companies identify and comply with cybersecurity requirements. We strive to leave customers confident in their ability to manage the program once instituted. Our passion is to develop manageable cybersecurity programs for companies who understand the vital role that cybersecurity plays, and the direct correlation it has to a successful stakeholder and to risk management. We provide customized cybersecurity program policies, processes and procedures with a focus on automation and reducing your IT footprint. We are currently seeking a dynamic Mid Cyber security Engineer/Analyst to join our team in Quantico, VA. Duties/Responsibilities: Perform security testing and security control assessments on commercial, federal, and DOD systems to ensure compliance with the NIST SP 800-53 Rev. 5 and other requirements. Conduct security, compliance, and vulnerability audits utilizing the latest scanning tools. Conduct security control assessments against implemented system security mechanisms. Technically perform "type" and "site" assessments security configurations and implementation. Interface with managers, administrators, engineers, and analysts perform the security assessment activities. Support security control assessments based on NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST 800-37 Rev.2. Analyze results from scanning tools such as Nessus, Fortify, Eclypsium, and Sonarcube. Develop Security Assessment Plans (SAPs), Security Assessment Reports (SARs), Residual Risk Reports (RRR), System Security Plan (SSP) and Plan of Action and Milestone (POA&M) Reports Minimum Qualifications: Must be SSBI eligible and be able to obtain and maintain a Secret Clearance. Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus three (3) to five (5) years of directly related experience or any equivalent combination of education, experience, training, and certifications. 3+ years conducting security control assessments based on NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST 800-37 Rev.2. Understanding of NIST Risk Management Framework (RMF) and Cybersecurity Framework (CSF). Prior experience working with a wide variety of technologies, be well versed in the current state of Information Security and be able to interpret the requirements of relevant governing bodies (ISO, NIST, OMB, DoD, etc.). Experience performing full scope Risk Management processes for a federal client, to include Assessment & Authorization (A&A), FISMA Self Assessments, Technical Assessments (Vulnerability analysis, penetration testing), and Risk Assessments. Experience using Certification and Accreditation (C&A) tools such as XACTA, RSA Archer, and eMASS Experience conducting analysis of vulnerability and compliance scan results. Experience implementing and auditing against security configuration checklists (e.g., DISA STIGs, CIS Benchmarks, USCGB). Understanding of NIST Special Publications (e.g., 800-53, 800-37, 800-171). Strong documentation and communication (written and verbal) skills. Knowledge and understanding of FEDRAMP, CMMC, and DFARS. Preferred Qualifications: Bachelor's degree (Information Technology or Cybersecurity related field preferred, however not required). CISSP, CAP, CISA, CISM, or Security+ certification. 5+ years of professional experience in Cybersecurity related area. Experience configuring and conducting technical assessments using tools such as Nessus, Fortify, Eclypsium, and Sonarcube. Understanding of/experience implementing DISA STIGs and CIS security mechanisms. Self-motivated and able to work in an independent manner. Experience conducting FedRAMP CSP security documentation analysis. Company EEO Statement: Sedulous Consulting Services is an equal opportunity employer and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) federal contractor. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, protected veteran status, status as a qualified individual with a disability, or any other category protected by law. Sedulous hires and promotes individuals solely on the basis of their qualifications for the job to be filled. Company EEO Statement: Sedulous Consulting Services is an equal opportunity employer and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) federal contractor. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, protected veteran status, status as a qualified individual with a disability, or any other category protected by law. Sedulous hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
Company:
Sedulous Consulting Services
Posted:
December 26 2023 on ApplicantPro
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to ApplicantPro
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: Mid Cyber Security Engineer/Analyst
Mid Cyber Security Engineer/Analyst is a Engineering Engineer Job at Sedulous Consulting Services located in Quantico VA. Find other listings like Mid Cyber Security Engineer/Analyst by searching Oodle for Engineering Engineer Jobs.
Mid Cyber Security Engineer/Analyst is a Engineering Engineer Job at Sedulous Consulting Services located in Quantico VA. Find other listings like Mid Cyber Security Engineer/Analyst by searching Oodle for Engineering Engineer Jobs.