Security Assessment Analyst / Security Control Assessor (Required Public Trust or secret/top secret clearance)

1. Demonstrates 5-8 years of IT security experience in IT security related to performing and configuring information security scans and evaluation of system security controls.
2. Possess applicable certifications and credentials such as Certified Information System Security Professional (CISSP) or the equivalent for penetration testing and vulnerability assessment work.
3. In-depth knowledge of laws, directives, orders, etc., pertaining to IT security and directing Federal government agencies.
4. Understanding of security requirements in various environments to include secured and non-secured.
5. Familiarity with IT security products (hardware, software, and services), technologies, protocols, and best practices.
6. Prior experience performing assessments to include technical evaluation, validating and justifying compliance or non-compliance in accordance with NIST guidance, FISMA, FISCAM , for Federal agencies.
7. Understanding of standard security policies and procedures to include, but not limited to: ensuring testing machines and equipment remained physically secure and only accessible to authorized personnel.
8. Excellent written and oral communications skills.
9. Experience in scanning and testing utilizing various tools applicable to web application testing, server scanning, manual testing of system configuration and implementations.