Security Control Assessor

McLean, MD - USA

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

Harmonia Holdings Group LLC is an award-winning rapidly growing federal government contractor committed to providing innovative high-performing solutions to our government clients and focused on fostering a workplace that encourages growth initiative creativity and employee satisfaction.

Description

Title: Security Control Assessor

Location: Remote

Terms: Full-time

Clearance: Public Trust

Travel: <10%

Position Description

We have an opening for a full-time Security Control Assessor to join our talented dynamic team in support of the Department of Veterans Affairs. As a Security Control Assessor you will be trusted to support the delivery of our cybersecurity solutions and this role you will be a part of a security control assessment team working on the tasks outlined below.

Veterans are encouraged to apply.

Responsibilities:

Conducts independent comprehensive assessments of the management operational and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
Plans and conducts security authorization reviews and assurance case development for initial installation of systems and networks.
Reviews authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application system and network.
Verifies that application software/network/system security postures are implemented as stated document deviations and recommend required actions to correct those deviations.
Develops security compliance processes and/or audits for external services (e.g. cloud service providers data centers).
Performs security reviews and identifies security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Performs risk analysis (e.g. threat vulnerability and probability of occurrence) whenever an application or system undergoes a major change.
Provide input to the Risk Management Framework process activities and related documentation (e.g. system life-cycle support plans concept of operations operational procedures and maintenance training materials).

Requirements

Bachelors degree in computer science electronics engineering or other engineering or technical discipline is required and will accept relevant experience in lieu of degree.
1 years hands-on experience with Cybersecurity policy risk management or security and privacy control assessments.
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality integrity availability authentication non-repudiation).
Knowledge of system and application security threats and vulnerabilities.
Knowledge of Personally Identifiable Information (PII) Payment Card Industry (PCI) and Personal Health Information (PHI) data security standards.

Desired

Experience with security control assessments within the VA using the NIST Risk Management Framework (RMF) is a plus.
Certifications such as SCA and CISA are a plus.
Exceptional written and verbal communication skills.
Strong planning organizational and time management skills.
Exceptional analytical and conceptual thinking skills.
Ability to work collaboratively with a team of peers.

Here at Harmonia we are pleased to have been repeatedly recognized for our outstanding work culture the innovative work we do and the employees on our team who make a difference each day. Some of these recognitions include:

Recognized as a Top 20 Best Place to Work in Virginia
Recipient of Department of Labors HireVets Gold Medallion
Great Place to Work Certification for five years running
A Virginia Chamber of Commerce Fantastic 50 company
A Northern Virginia Technology Council Tech 100 company
Inc. 5000 list of fastest growing companies for eleven years
Two-time SBA SBIR Tibbetts Award winner
Virginia Values Veterans (V3) Certification

We recognize that every bit of our success is the result of our teams of hard-working motivated and innovative professionals who are proud to call themselves part of the Harmonia family! In addition to competitive compensation a family-focused culture and a dynamic productive work environment we offer all full-time employees a variety of benefits including but not limited to

Traditional and HSA- eligible medical insurance plans
100% employer-paid dental and vision insurance options
100% employer-sponsored STD LTD and life insurance
5% 401(k) company matching
Flexible-schedules and teleworking options
Paid holidays and PTO Accrual Plans
Paid Parental Leave
Professional development and career growth opportunities
Team and company-wide events recognition and appreciation-- and so much more!

Check out ourLinkedInFacebook andInstagramto find out a little more about who we are and if we are the right next step for your career!

Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race color religion national origin age gender gender identity sexual orientation disability or genetics.Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected perform the above job successfully an individual must possess the knowledge skills and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation please contact.

Description

Title: Security Control Assessor

Location: Remote

Terms: Full-time

Clearance: Public Trust

Travel: <10%

Position Description

Veterans are encouraged to apply.

Responsibilities:

Conducts independent comprehensive assessments of the management operational and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
Plans and conducts security authorization reviews and assurance case development for initial installation of systems and networks.
Reviews authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application system and network.
Verifies that application software/network/system security postures are implemented as stated document deviations and recommend required actions to correct those deviations.
Develops security compliance processes and/or audits for external services (e.g. cloud service providers data centers).
Performs security reviews and identifies security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Performs risk analysis (e.g. threat vulnerability and probability of occurrence) whenever an application or system undergoes a major change.
Provide input to the Risk Management Framework process activities and related documentation (e.g. system life-cycle support plans concept of operations operational procedures and maintenance training materials).

Requirements

Bachelors degree in computer science electronics engineering or other engineering or technical discipline is required and will accept relevant experience in lieu of degree.
1 years hands-on experience with Cybersecurity policy risk management or security and privacy control assessments.
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality integrity availability authentication non-repudiation).
Knowledge of system and application security threats and vulnerabilities.
Knowledge of Personally Identifiable Information (PII) Payment Card Industry (PCI) and Personal Health Information (PHI) data security standards.

Desired

Experience with security control assessments within the VA using the NIST Risk Management Framework (RMF) is a plus.
Certifications such as SCA and CISA are a plus.
Exceptional written and verbal communication skills.
Strong planning organizational and time management skills.
Exceptional analytical and conceptual thinking skills.
Ability to work collaboratively with a team of peers.

Recognized as a Top 20 Best Place to Work in Virginia
Recipient of Department of Labors HireVets Gold Medallion
Great Place to Work Certification for five years running
A Virginia Chamber of Commerce Fantastic 50 company
A Northern Virginia Technology Council Tech 100 company
Inc. 5000 list of fastest growing companies for eleven years
Two-time SBA SBIR Tibbetts Award winner
Virginia Values Veterans (V3) Certification

Traditional and HSA- eligible medical insurance plans
100% employer-paid dental and vision insurance options
100% employer-sponsored STD LTD and life insurance
5% 401(k) company matching
Flexible-schedules and teleworking options
Paid holidays and PTO Accrual Plans
Paid Parental Leave
Professional development and career growth opportunities
Team and company-wide events recognition and appreciation-- and so much more!

Check out ourLinkedInFacebook andInstagramto find out a little more about who we are and if we are the right next step for your career!

Key Skills

Intelligence
Information Technology Sales
Accounts
Auto Parts
Data Analysis

Apply Now

About Company

Harmonia Holdings Group

Join Our Team Are you an innovative thinker ready to make an impact on how government agencies meet their missions? Do you want to work for a company that values your ideas and grows your technical expertise? Join our team and watch your career advance!

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click