By submitting your resume for this position, you understand and agree that ASEC may share your resume, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions.
ASEC is an Equal Opportunity/Affirmative Action Employer.
We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. Equal Opportunity Employer Minorities/Women/Vets/Disabled.
Candidates must already possess a current and active TS/SCI with Poly clearance to be considered for this position
The candidate will serve as a Security Technical Assessor conducting technical security assessments of Sponsor’s IT systems. This position will support activities of the group to assess and report risks and vulnerabilities of organization systems in order to provide senior decision makers with actionable data to make strategic investment decisions.
Roles and responsibilities include but are not limited to:
• Evaluate Customer systems against, NIST 800.53 R4, RMF, and other security standards and publications, as well as internally defined Organizational Values.
• Conduct hands-on A&A related security testing, analyze test results, document risk, and recommend countermeasures. o Assist in providing security guidance for internal Sponsor documentation as well as reciprocity documentation.
• Develop and provide documentation to Sponsor which describes all identified system risks, planned test procedures taken, and test results. • Maintain accountability to endure integrity and confidentiality of the process.
• Provide analysis of vulnerabilities identified by compliance tools.
• Conduct TEM’s to verify and validate systems against NIST and RMF.
• Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
• Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
• Brief management, as needed, on the status of action items and/or results of activities.
• Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing and provide recommendations for risk decisions to Sponsor.
• Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
• Provide enhancement capabilities and SOPs to assessment operations for execution and implementation.