Q1 Sr. Security Compliance Assessor

company banner
Apex Systems
Security, IT, System, Application, Risk Management, Software, Engineering, Network, Database, Systems, Scripts
Full Time
Travel not required

Job Description

If interested, please send over your most up to date resume in WORD format to Sara at Thanks so much and looking forward to connecting!

Position : Sr. Security Compliance Assessor

Location : Washington D.C.

Duration : Contract to Perm

Clearance : Must be ====s and able to obtain and/or maintain a Dept. of Defense TS/SCI OR Secret (ability to be upgraded to TS) security clearance as a condition of employment

Responsibilities
  • Participate in all steps of the Security Authorization and Assessment process for FISMA systems.
  • Deliver all required documentation using the current DHS approved templates, forms, regulations, and methods.
  • Continuously update all documentation as required.
  • Provide advisement to stakeholders to assign resources and establish timelines to ensure the successful Security Authorization of a system.
  • Review and validate all relevant NIST 800-53 and DHS 4300B Security Controls and/or applicable departmental policies for each IT system assigned.
  • Ensure software installed in the production environment is evaluated and provide guidance regarding the potential for the software to introduce risk into the environment.
  • Perform oversight of compliance with Vulnerability Alerts.
  • Review and validate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for each managed IT System prior to authorizing closure. Proper documentation to support the POA&M lifecycle shall be filed and updated as required, including well documented waivers and exceptions detailing the potential risk to the Authorizing Official.
  • Perform in depth reviews of logs and other artifacts for each IT system.
  • Provide, track and report security requirements throughout the project life cycle of all projects that are within the accreditation boundary of assigned systems.
  • Provide timely and detailed responses to all data calls.
  • Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc. for each IT system.
  • Coordinate with and brief Federal staff on all activities pertaining to each IT system as requested.
  • Continuously maintain a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each IT System.
  • Coordinate with the appropriate operational group to accurately update the System Design Document for each IT system to reflect the approved state of each IT system.
  • Participate in numerous working groups to provide training and guidance to numerous Components.
  • Work closely with Office of the Chief Information Security Officer (CISO) to provide guidance and oversight for all requested initiatives.


Qualifications

  • Master's Degree or 15 years of relevant experience.
  • Must be able to perform all tasks identified in the Job Description.
  • Knowledge of and experience with NIST SP 800-53, 800-53A, and 800-37.
  • Experience with Risk Management Framework (RMF), POA&Ms, Security Authorization and Assessments, Vulnerability Assessments, FISMA Requirements, Waivers, Ongoing Authorization, Authority to Operate, Continuous Monitoring.
  • Technical background and ability to review complex configurations for validation (i.e. Software Engineering, Network Engineering, System Administrator, Database Administrator background).
  • Ability to compose and comprehend policy, procedure, guidance, demos, and training documentation.
  • Expected to have superior communication and customer service skills to support training, help desk ticket responses, and support of a large customer base.
  • Strong writing skills are required.


Desired :
  • Experience with Nessus, McAfee, Symantec, Retina, and Splunk software and output formats.
  • Knowledge of DHS 4300B.
  • CISA or CAP preferred - include certification # on resume.


EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or


Company Information

Apex Systems is a world class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions. We provide a continuum of service from workforce mobilization and modern enterprise solutions to digital innovation to drive better results and bring more value to our clients. Apex transforms our customers with modern enterprise solutions tailored to the industries we serve. Apex has a presence in over 70 markets across US, Canada and Mexico. Apex is a segment of ASGN Inc. (NYSE: ASGN)

.
Dice Id : apexsan
Position Id : 1035033
Originally Posted : 8 months ago

Similar Positions at Apex Systems

Security Compliance Analyst
  • Washington D.c., DC
  • 18 hours ago
Security Compliance Analyst - TS
  • Washington D.c., DC
  • 18 hours ago
Application Security Engineer
  • Vienna, VA
  • 18 hours ago
Cyber Security Auditor
  • Fbi Hq, DC
  • 18 hours ago
ISSO
  • Washington D.c., DC
  • 18 hours ago
ISSO
  • Washington, Dc, DC
  • 18 hours ago
Cybersecurity Analyst
  • Falls Church, VA
  • 18 hours ago
Senior Network Security Engineer
  • Crofton, MD
  • 18 hours ago
Mid-Level Network Security Engineer
  • Crofton, MD
  • 18 hours ago
SOC Analyst - Sr
  • Silver Spring, MD
  • 18 hours ago