Jacobs has an opening for a Senior Security Controls Assessor (SCA) to support a prime contract in our Columbia, MD office. You will be responsible for:
- Conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).
- Providing an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities.
- Providing identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance.
- Conducting on-site evaluations.
- Validating the security requirements of the information system.
- Verifying and validates that the system meets the security requirements.
- Coordinating penetration testing.
- Providing a comprehensive verification and validation report (certification report) for the information system.
- Providing process improvement recommendations.
- Assisting the Government to draft standards and guidelines for usage.
Here's What You'll Need:
- Twelve (12) years of related work experience. A Bachelor’s Degree in Computer Science or IT Engineering may be substituted for four years of experience
- DoD 8570-1M Change 2 IAT Level III or IAM Level III requirements (CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CISM OR GSLC
- Active TS/SCI with current polygraph
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language.
- Strong presentation, report writing and customer interface skills
- Familiarity with various operations systems such as Microsoft Windows, various versions of UNIX (AIX, Solaris, HPUX, etc), and Linux
- Detailed knowledge of TCP/IP and other major protocols (i.e. NetBEUI, NETBIOS, IPX/SPX) and the inherent weaknesses of the protocols
- Understanding of ‘hacking’ methodology concerning performing a vulnerability assessment
- Ability to describe a system's avenues of compromise in a network environment and differentiate between various types of network attacks
- An understanding of a typical secure topology and architecture for a site connected to the Internet (i.e. routers, firewalls, web servers)
- Understanding of how to read and interpret a network diagram and identify possible security related concerns
- The ability to keep a robust security skill set current and to work on multiple projects concurrently
- Working at a computer or desk (Considerations: Sitting, Eyes, Hands)
- May involve long periods of sitting
Equipment and Machines:
- An inside office environment (Considerations: Closed quarters, lighting, and temperature fluctuations)
- Needs to be able to work well with and support co-workers and clients
- Needs to have clear, concise and accurate communication skills
- Standard office equipment and machines, computer workstation
Other Essential Functions:
- Punctuality and regular attendance are necessary to meet deadlines
- Regular attendance is necessary and required
- Must be able to communicate effectively
- Must demonstrate professional behavior at all times when dealing with clients, management and employees
- Grooming and dress must be appropriate for the position and must not impose a safety risk to the employee or others
- Must be able to support and work in a proactive team environment
- Must hold the safety of yourself and those around you as the number one priority in the workplace
: United States-Maryland-Columbia-20351-VDMD
: Dec 1, 2020, 8:08:57 PM
: Information Technology
Job Classification: Full-Time Regular
Capabilities: Cyber Security