Security Governance Consultant (Senior)

Assurit is currently seeking experienced Security Governance Consultant (Senior) to support one of our contracts!

Role Description:

As a key participant within a Security Governance Team, you will share responsibilities for conducting ISSO and Assessor duties in the System Assessments and Authorization (SA&A) process and maintaining continuous Approval To Operate (ATO) for various environments and applications.

Basic Qualifications:

• Perform Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation.
• Prepare vulnerability scanning test plans, coordinate testing, and conduct scans using Nessus, WebInspect and other scan applications.
• Analyze vulnerability scan results for validation and root cause.
• Perform security system event analysis, investigation, and validation.
• Provide incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue.
• Participate in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance.
• Perform Federal Information Security Management Act (FISMA) assessments and annual reporting.
• Perform Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network.
• Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation.
• Perform Privileged User Account Management and Role Based Access assignment
• Perform Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personal Identifiable Information (PII) Management
• Maintain Change Management Plans (CMP), Incident Response Plans (IRP)
• Information System Contingency Plans (ISCP), and System Security Plans (SSP)
• Prepare and conduct training, exercises, and functional testing of IRP and ISCP
• Develop Disaster Recovery plans and Business Continuity Plans, manage testing exercise

Preferred Qualifications:

• At least seven (7) years of experience in system and application Certification & Accreditation (C&A, System Assessment & Authorization (SA&A, and Independent Validation and Verification (IV&V).
• At least seven (7) years of experience in security system monitoring, syslog and traffic analysis, and incident response.
• At least five (5) years of experience in developing and maintaining standard operating procedures and work instructions.
• At least three (3) years of experience in fulfilling the role of Information System Security Officer (ISSO).
• AWS Cloud Certification is preferred.
• Cloud Security Knowledge is a plus.

Education:

• Bachelor’s Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related technical discipline is required.
• CISSP, CISA preferred.

Apply for Position

Working at Assurit

Assurit is an award winning, certified small business headquartered in Fairfax, VA. We offer a highly competitive compensation and benefits package inclusive of medical and dental coverage, as well as paid time off.

Founded in 2013, Assurit has become a trusted provider of cybersecurity expertise to customers across federal, state and local governments, as well as the commercial sector. We are an employee-centric organization that focuses on the growth and development of our greatest asset – our people. We believe that if our Team is trained and educated, we will always be able to deliver our promise of customer success. If you enjoy work environments focused on continuous learning and growth, Assurit will be a great fit for you.

Whether you saw a specific job opening of ours or are simply interested in learning more about building your career at Assurit, feel free submit your resume. Based on your request, the appropriate individual within our organization will get back to you within 2 business days.

Assurit is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.