Remote Security Controls Assessor

Summary

TestPros is looking for an expert Cyber Security professional with at least 5 years of experience in IT security compliance, including recent experience with NIST 800-53 Rev 5, to develop and update security plans, policies, and other necessary artifacts, and maintain knowledge of the threat landscape. The position involves conducting risk assessments, auditing and monitoring systems, and producing key performance indicators.

Requirements

• 5+ years of directly related experience in IT security compliance, including recent experience with NIST 800-53 Rev 5
• Cloud computing security
• Security governance and policy
• Security risk analysis
• Auditing and monitoring systems
• Scanning and vulnerability management systems
• Advanced Malware Protection
• Threat Intelligence
• Incident Management - analysis, detection, and handling of security events
• Penetration testing and associated tools (e.g., nmap, Metasploit, etc.)
• Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training, or work experience

Responsibilities

• Develop NIST 800-53 Rev5 based System Security Plan (SSP)
• Create/Update the applicable documents identified by NIST 800-53 Rev 5, specifically the Security Assessment Report (SAR)
• Create/Update the associated Plan of Actions and Milestones (POA&M)
• Provide detailed security-related reports including data, analyses, and conclusions upon completion of tests, scans, and assessments
• Verify and document the implementation of security controls necessary to achieve compliance
• Review and develop System Security Plans (SSPs), Plans of Actions and Milestones (POA&Ms), and as well as other necessary artifacts
• Facilitate the Plan of Actions and Milestones (POA&M) program to ensure customer systems have accurately and fully provided information for POA&M activities to include valid remediation of findings
• Develop various policy documents (SOPs/CONOPs)
• Initiate, and lead on-going information security maturity assessment processes and training
• Produce and review key performance indicators for implemented security measures and distribute KPIs
• Maintain knowledge of threat landscape by monitoring threat intelligence, and other related sources

Benefits

• Competitive salary
• Medical/dental/vision insurance
• Life insurance
• Paid time off
• Paid holidays
• 401(k) retirement plan with company match
• Opportunities for professional growth
• Cell phone discounts