Your browser cookies must be enabled in order to apply for this job. Please contact support@jobscore.com if you need further instruction on how to do that.

Information Assurance - Security Controls Assessor

Mission Services | St. Louis, MO | Full Time

Job Description

Information Assurance - Security Controls Assessor

Hours: Full time (day)

Clearance: ***Must have current TS/SCI and able to pass polygraph within 60 days of hire***

Location: St. Louis, MO

Required Education & Certifications: Graduate Degree or equivalent experience in the related field.

Required Experience: 10 or more years of experience in the related field.

Required Qualifications: Experience in performing three or more areas information security compliance, risk management, security engineering, system certification, IT operations security.

Desired:

  • Current compliant with DoD 8570 IAM or IAT level 2 or 3. At a , Candidates must provide demonstrable progress to achieve a DoD 8570 compliant within 90 days of hire and maintain certification throughout employment.

  • Working knowledge or experience with DIACAP, DCID 6/3 and ICD 503/RMF

  • System Testing methodologies experience (includes but is not limited to: penetration testing, configuration analysis and security best practices validation) as well as experience with a variety of security testing and penetration testing tool sets (includes but is not limited to: WASSP, SECSCN, Backtrack 5, ACAS/Nessus (Security Center & Nessus Vulnerability Scanner), Wireshark, Retina & Tripwire)

  • Network Discovery & Visual Analytics experience (i.e., IP Sonar, )

  • Red / Blue team assessment experience

  • Cyber Incident handling

  • Working knowledge of Forensic tools and analysis

  • Experience using XACTA

  • Experience within the Intelligence Community

Description:

Information Assurance Specialist (Security Controls Assessor) to support a Government client. The candidate will provide support in Risk Assessing and continuous monitoring of the organization’s information systems following ICD 503 standards and best practices. The candidate will provide various levels of Information assurance by developing test plans and assessing or auditing security controls of systems by applying best practices of NIST 800-73, 800-53, 800-53A, and CNSS 1253 guidance. The individual will provide recommendations concerning the safeguarding of information systems and will conduct a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.

Specific Duties:

  • Implement a Continuous Monitoring strategy (per ICD 503) appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques

  • Support the preparation of the Security Assessment Report (SAR), Develop Test plans, Execute and Assess the Security Controls within the Test Plans

  • Review Security Plan (SSP or SSA)

  • Develop and assist in development of Plan of Action and Milestones (POA&M) containing corrective actions required for unacceptable risks

  • Provide configuration management and control processes to integrate security and risk management

  • Conduct security impact analyses of controls on proposed system changes

  • Support FISMA and CCRI

About EICORP:

EICORP is a leader intelligence, surveillance, and reconnaissance; advanced cyber solutions; cloud and managed IT solutions; engineering, and information-based solutions for law enforcement and homeland security. We provide training and logistics in support of readiness operations; and operational support services and solutions in support of organizations not limited to DHS, DoD, and the Intelligence Community (IC). We hire mission enablers who reflect our communities and proactively embrace diversity and inclusion, to advance our corporate culture, develop our family of employees into the best they can be, and in turn grow our market share throughout the industry.