Security Controls Assessor 3

ORANGE you glad that you chose RealmOne?

RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch security professionals.

Join us on this journey as we execute this new mission-critical contract providing Cybersecurity Expertise and Risk Management!

Your effort and expertise are crucial to the success and execution of this impactful mission that is critical in ensuring mission success through Security Engineering, Vulnerability Testing, Penetration Testing, Risk Management and Assessment, Insider Threat Analysis, and IT Policies and Procedures by improving, protecting, and defending our Nation’s Security.

Job Description:

Conduct verification and validation for security compliance of low and moderately complex information systems, products, and components. Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures. Provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance. Conduct on-site evaluations. Validate the security requirements of the information system. Verify and validate that the system meets the security requirements. Provide vulnerability assessment of the system, coordinate penetration testing, and provide a comprehensive verification and validation report (certification report) for the information system. Provide process improvement recommendations. Draft standards and guidelines for usage.

The Level 3 Security Controls Assessor shall possess the following capabilities:

• Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures
• Conduct on-site evaluations
• Conducts verification and validation for security compliance of low and moderately complex information systems, products, and components
• Provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance
• Validate the security requirements of the information system
• Verify and validate the system meets the security requirements
• Provide vulnerability assessment of the system, coordinate penetration testing, and provide a comprehensive verification and validation report (certification report) for the information system
• Facilitate penetration testing
• Provide a comprehensive verification and validation report (certification report) for the information system

Qualifications:

• 12 years experience in security, systems engineering or system assessment to include recent experience within the last 3 years in 5 or more of the following areas: Cybersecurity principles and technology, including access/control, authorization, identification and authentication, PKI, network and enterprise security architecture is required.
• Bachelor’s degree in Computer Science or Information Technology Engineering or related field of study is required.
• Master’s degree in Computer Science or Information Technology Engineering or related field of study may be substituted for 2 years experience, reducing the requirement to 10 years experience.
• In lieu of a Bachelor’s degree, an additional 4 years in security or system engineering experience may be substituted.

Certifications Required:

• DoD 8570 compliance with IAT III or IAM III is required.

Position requires active Security Clearance with appropriate Polygraph