Security Assessor/Penetration Tester (Mid CCA Tester) (Vinton)

Employment Type

: Full-Time

Industry

: Defense/Security Clearance



Loading some great jobs for you...





Overview

VariQ has an exciting opportunity for a highly qualified IT Security Assessment Engineer to support our Federal Program (Arlington, VA). The Engineer will perform security assessments to ensure compliance with NIST 800-53A and agency specific requirements. The position will require the ability to technically assess web applications, thick clients, and general support system security configurations and their implementation.

KEY ATTRIBUTES: The Engineer will have prior experience working with a wide variety of technologies, be well versed in the current state of information security, and be able to interpret the requirements of relevant governing bodies (NIST, OMB, GAO, etc.). The ideal candidate will have prior experience performing Risk Management processes for a federal client including Certification and Accreditation (C&A), FISMA self-assessments, vulnerability scans, and penetration testing.

Additional Information:
  • Work Location: FDIC Arlington (Between Ballston and Clarendon)
  • Salary: Dependent upon experience
  • Security Clearance: Must pass background investigation and credit check
  • Availability: ASAP


Responsibilities

ROLE AND RESPONSIBILITIES: The engineer will perform security assessments to ensure compliance with the NIST 800-53a and agency specific requirements. The position will also require the ability to technically assess both application and general support system security configurations and implementation. The Engineer will be conducting physical and logical hands-on technical security evaluations of controls in place. The Engineer will be required to interface with federal employees and contractors in order to perform security assessment activities as well as the presentation of vulnerabilities to the client. The Engineer will be required to review security related documentation (System Security Plans, Configuration Management Plans, etc.). The Engineer will be responsible for overseeing and managing security control assessments from beginning to end.

Qualifications

OPTIONAL SKILLS AND EXPERIENCE DESIRED:
  • Professional Security Certification (CAP, CASP, CISSP, etc.)
  • 1+ years of systems administration (Windows or Linux/Unix)
  • 1+ years of experience creating or maintaining security related documentation


QUALIFICATIONS: A degree in Computer Science, Information Systems, Engineering, Business, or other related technical discipline is preferred.
  • 6+ years of IT experience
  • 4+ years of experience performing system testing (security or functional)
  • 4+ years using NIST 800-53/800-53A
  • 4+ years of IT experience
  • 3+ years of Federal C&A experience
  • Bachelor's degree in information technology related field
    • 5+ years of professional experience with 3 or more years of related work experience will be considered in lieu of a degree


EDUCATION SUBSTITUTION: An advanced degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline may be considered equivalent to two (2) years generalized and two (2) years information security specialized experience. Certificates such as Microsoft's MCSE may be considered equivalent to two (2) years of general experience and two (2) years of information technology experience. The CISSP certificate may be considered equivalent to two (2) years of information security experience.

VariQ is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status. - provided by Dice

Launch your career - Create your profile now!

Create your Profile

Loading some great jobs for you...