Cybersecurity Assessor – CMMC

Job Description:

• Conduct security control assessments for commercial and government customers to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within a system boundary.
• Develop, document and review System Rules of Engagement (ROE), Security Assessment Plans (SAPs) and Security Assessment Reports (SARs).
• Conduct kick-off meetings, develop associated schedules and resource plans to complete the assessments.
• Responsible for quality control on the assessment and associated deliverables.
• Develop practical and risk-based approaches for security control implementation and vulnerability remediation.
• Review and provide feedback system boundaries, common controls, the security categorization of information systems, applicable security control baseline based on system categorization.
• Review cyber/system/network security body of evidence and documentation for accuracy and completeness.
• Lead Post Assessment Meetings with the customer.
• Provide Plan of Action and Milestones (POA&M) support to ensure mitigations are completed or the teams are working to mitigate all vulnerabilities in a timely fashion and within customer policy timelines.
• Perform continuous monitoring to ensure implemented security controls remain functional throughout the lifecycle of the information system.
• Perform other duties as assigned.

Requirements:

• Must be a US Citizen
• Must be able to obtain and maintain favorable suitability determination by the CyberAB
• BS/BA degree in Information Technology or related Cybersecurity field
• 5+ years of auditing and/or assessment experience
• Thorough knowledge of cloud environments (services/security)
• Strong background working with NIST 800-171 and/or NIST 800-53
• Must have an active CCP certification listed in the CMMC Marketplace
• Must have at least the following industry certifications for CCP CompTIA Security + (Sec+)
• Must have at least one of the following industry certifications for CCA: Certified Information System Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP+ CE), Security X, CompTIA Cybersecurity Analyst (CySA+), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), Mile Two Certified or Certified Information Systems Security Officer (C|CISSO)

Benefits:

• Paid time off
• Paid holidays
• Work-from-home opportunities
• 401k with matching incentive
• Competitive Medical/dental/vision benefits
• Company provided life insurance
• Company provided short-term disability

Apply tot his job Apply To this Job