Location
Rockville, MD | United States
Job description
Cybersecurity Assessor
Be the Difference
Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.
Astrion has an exciting opportunity for a Cybersecurity Assessor for the NRC – CPSS Contract , supporting the Civilian Division.
JOB DETAILS
LOCATION: Remote/Rockville, MD; 90% remote. Must live in the DMV area for occasional customer meetings in Rockville, MD. These meetings could be last minute requests.
JOB STATUS: Full-Time
TRAVEL: 10%; occasional domestic travel
REQUIRED QUALIFICATIONS / SKILLS
- BA/BS or 5 years additional equivalent experience.
- 6 years IT experience, with 4 years specialized in Information Assurance.
- The ability to obtain an NRC Security Clearance; US Citizenship required for all candidates.
- Must hold at least one of the following certifications: CompTIA Security+, CISSP, ISACA CISA, GIAC GSEC, GIAC GSNA, GIAC GPEN, CEH, CAP, CASP+, CRISC, or CCSK.
DESIRED QUALIFICATIONS / SKILLS
- A proficient understanding of FISMA, NIST Special Publications and Federal Information Processing Standards, and other federal requirements such as executive orders and OMB mandates.
- Excellent written and oral communication skills; attention to detail is essential.
- Extensive experience analyzing and communicating scan results from vulnerability scanning tools such as Tenable Nessus.
- Proficient knowledge of DISA STIGS and CIS Benchmarks and how to apply the requirements to specific IT products.
- Extensive experience examining FedRAMP authorization packages to identify risks associated with the use of cloud offerings and performing an assessment of security controls for which the customer is at least partially responsible for implementing.
- Specific experience identifying risk and assessing the security state of IT products such as network devices, web servers and web applications, security appliances, databases, intrusion detection/prevention, and anti-malware and strong knowledge of cloud platforms such as Azure and Amazon Web Services (AWS).
- Understanding of current security threats and active exploits impacting specific IT sectors and/or products that might also impact customer systems.
Proficient in analyzing security architectures and design, with experience identifying inherent risk associated with each based on the current threat landscape.
- Experience with performing technical architecture reviews of complex systems with a strong understanding of a system's authorization boundary.
- Knowledge of system and application security threats and vulnerabilities.
- Proficiency with Microsoft Office applications.
- Ability to prioritize and complete tasks efficiently and effectively.
- Comfortable working individually and as part of a team.
- Scripting ability (e.g., PowerShell, VBA) is a plus.
RESPONSIBILITIES
- Work closely with all levels of personnel, including system administrators, Information System Security Managers (ISSMs), and Authorizing Official (AO), to support FISMA systems through the Security Assessment & Authorization (SA&A) lifecycle.
- Assess/audit systems to analyze risk and report on identified weaknesses.
- Develop system cybersecurity assessment artifacts.
- Conducting in-depth technical reviews of new and existing IT systems.
- Perform and document the results of vulnerability scans and configuration compliance checks against configuration standards such as DISA STIGs and CIS Benchmarks.
What We Offer
- Competitive salaries
- Continuing education assistance
- Professional development allotment
- Multiple healthcare benefits packages
- 401K with employer matching
- Paid time off (PTO) along with a federally recognized holiday schedule
Who We Are
At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to “Be the Difference”. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.
We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what’s possible. We promote collaboration and empowering our teams is at the core of our success.
Join Astrion and Be the Difference in your career and the world!
Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Job tags
Salary