This listing was posted on ApplicantPro.
Cyber Security Validator
Location:
Triangle, VA
Description:
Sedulous is a cyber security consulting firm helping companies identify and comply with cybersecurity requirements. We strive to leave customers confident in their ability to manage the program once instituted. Our passion is to develop manageable cybersecurity programs for companies who understand the vital role that cybersecurity plays, and the direct correlation it has to a successful stakeholder and to risk management. We provide customized cybersecurity program policies, processes and procedures with a focus on automation and reducing your IT footprint. We are currently hiring for a Cybersecurity Validator to join our team in Quantico, VA. Duties/Responsibilities: Will provide auditing and consultation services as assigned in support of the customer. Provide Certified Validators to perform validation/auditing customer RMF authorization requirements in accordance with Enterprise Cybersecurity Manual (ECSM) and Authorization Process (MCAAP). Provide independent verification and validation (IV&V) of system's security controls and safeguards designed through the security engineering process. Validate applicable cybersecurity controls for an assigned DoD system, including developing the appropriate test procedures if necessary, executing the test procedures and accurately documenting the results of security testing. Perform the requisite preparatory IV&V steps and conditions as required, perform the actual validation steps, compare the actual results with the expected results, and analyze the differences for impact and risk. Document results in a government-specified format and repository. Perform CVSS Scoring via MCCAST v2, develop the Security Assessment Report (SAR) and other Validate support requirements as required by DoD policies and guidance for the assigned system(s). Develop metrics and report metrics that include the percentages of completion in every step of the validation process. Education and Experience: Security Clearance Requirement: SECRET 5 years of experience performing similar work BS Degree desired Experience as an RMF Engineer, ISSM/ISSO, Security Controls Validator, and/or information assurance engineer Advanced writing skills: able to clearly articulate ideas for executive level consumption Advanced problem-solving skills: able to use prior experience and knowledge to address new situations; especially during interactions with clients. Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions DoD SP 800-53 5+ years conducting security control assessments based on NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST 800-37 Rev.2. Understanding of NIST Risk Management Framework (RMF) and Cybersecurity Framework (CSF). Prior experience working with a wide variety of technologies, be well versed in the current state of Information Security and be able to interpret the requirements of relevant governing bodies (ISO, NIST, OMB, DoD, etc.). Experience performing full scope Risk Management processes for a federal client, to include Assessment & Authorization (A&A), FISMA Self Assessments, Technical Assessments (Vulnerability analysis, penetration testing), and Risk Assessments. Experience using Certification and Accreditation (C&A) tools such as XACTA, RSA Archer, and eMASS Experience using vulnerability and security testing tools and reviewing the results from tools such as Nessus, Fortify, Eclypsium, and Sonarcube. Experience conducting analysis of vulnerability and compliance scan results. Experience implementing and auditing against security configuration checklists (e.g., DISA STIGs, CIS Benchmarks, USCGB). Robust understanding of NIST Special Publications (e.g., 800-53, 800-37, 800-171). Strong documentation and communication (written and verbal) skills. Knowledge and understanding of FEDRAMP, CMMC, and DFARS. Preferred Qualifications: Bachelor's degree (Information Technology or Cybersecurity related field preferred, however not required). CISSP, CAP, CISA, CISM, or Security+ certification. 7+ years of professional experience in Cybersecurity related area. Experience configuring and conducting technical assessments using tools such as Nessus, Fortify, Eclypsium, and Sonarcube. Understanding of/experience implementing DISA STIGs and CIS security mechanisms. Self-motivated and able to work in an independent manner. Experience conducting FedRAMP CSP security documentation analysis. *Position contingent upon government award. Company EEO Statement: Sedulous Consulting Services is an equal opportunity employer and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) federal contractor. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, protected veteran status, status as a qualified individual with a disability, or any other category protected by law. Sedulous hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
Company:
Sedulous Consulting Services
Posted:
December 26 2023 on ApplicantPro
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to ApplicantPro
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: Cyber Security Validator
Cyber Security Validator is a Jobs Cyber Security Validator Job at Sedulous Consulting Services located in Triangle VA. Find other listings like Cyber Security Validator by searching Oodle for Jobs Cyber Security Validator Jobs.
Cyber Security Validator is a Jobs Cyber Security Validator Job at Sedulous Consulting Services located in Triangle VA. Find other listings like Cyber Security Validator by searching Oodle for Jobs Cyber Security Validator Jobs.