The ACI Group is committed to help you identify and match your skills and experience to the best job possible.
Take your first steps to an exciting new career.
Sr. Assessment Tester, Woodlawn, MD
Our client is seeking a Sr. Assessment Tester for a contract-to-hire opportunity in Woodlawn, MD.
The position will be part of an assessment team that is responsible for assuring the implementation of the Centers of Medicare & Medicaid Services (CMS) security controls for all systems.
- Assess security controls for various systems.
- Assist in process improvement and automation for the assessment methodology.
- Document control reviews and findings on time and as they occur according to client requirements.
- Conduct technical evaluation of information system design, focusing on information security aspects and accreditation according to the NIST Risk Management Framework.
- Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches.
- Conduct evaluations of information system components, management, and design, focusing on information security aspects and accreditation according to the NIST Risk Management Framework.
- Review program documentation such as Risk Assessments, Security Plans, and Contingency Plans.
- Conduct ongoing assessments of contractor facilities as needed to ensure compliance with security requirements tailoring requirements, as needed.
- Other support tasks, as needed.
- 5+ years of experience with the NIST RMF, a degree can be substituted for some years of experience.
- Understanding of the operation of relational and noSQL data base systems (Oracle, My SQL, MapReduce, etc.).
- Understanding of PaaS, IaaS, SaaS (AWS, Azure, Salesforce).
- Knowledge of FedRAMP inheritance.
- Experience in Unix/Linux, Windows systems.
- Understanding of network-based protection systems.
- Understanding of information management and protection systems (AV, Patch management, etc.).
- Understanding of system privacy controls.
- CISSP, HCISPP, CISA, or equivalent certifications.
- Understanding of System Security design (3-zone, partitioning, etc.).
- Understanding of application development methods (Dev/Ops specifically).
- Understanding of systems hardening methods and standards (GPOs, STIGS, etc.).
- Candidate must be a great communicator (both written and verbal) and be able to work with a group as well as independently.
- Must be available/able to travel up to 25%.
- Report writing experience.
- Experience with program security and information systems security best practices.
- Ideal candidate will be self-motivated, a team player, organized, and detail oriented.
- Experience in Federal security certification and accreditation.
- Understanding of NIST 800-53 policies and implementation.
- Only those individuals selected for an interview will be contacted.
- No calls, inquiries, or Third Party Vendors please.
- We are an equal opportunity employer (Unable to sponsor H1B Visas).
Since 1988, The ACI Group, a national IT staffing firm, has been committed to hiring the industry’s leading professionals and presenting exciting career opportunities. We have access to varied types of contract, permanent and contract-to-perm positions and offer a choice of employment options including a full benefits package.
Submit your resume for this job