Develop and execute comprehensive security assessments, ensuring compliance with regulations while working with a team to analyze risks and enhance security measures.
Who We’re Looking For (Position Overview):
Spry Methods is on the search for a Security Assessor to join our team in DC.
What Your Day-To-Day Looks Like (Position Responsibilities):
Strong working knowledge of IT Security requirements, technical security countermeasures, risk managements processes, contingency planning, and secure data communications
Experience conducting full cycle Security Assessments & Authorizations (SA&A)
Testing will include network, system, application and NIST control testing from administrative and technical perspectives
Experience analyzing vulnerability scans and interpreting risks and employing manual checks to validate vulnerability data
Be able to assist the customer with understanding risk and providing risk mitigation
Will create Security Assessments Plans, Reports, and POA&Ms
The security assessment team conducts documentation reviews, inspections, and interviews with key personnel knowledgeable/ responsible for the various controls
Personnel interviewed are asked to show evidence of compliance, demonstration security features, provide access to (or screenshots of) configuration files and system logs, and perform tests
The determination of compliance will be based upon responses to questions and analysis of supporting evidence..
Knowledge of CSAM is a plus
What You Need to Succeed (Minimum Requirements):
At least 5 years experience
Bachelor's Degree or 4 years of specialized experience
Strong security assessor background
Must understand the Risk Management Framework (RMF) process
