Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Security Assessment Specialist

Remote: 
Hybrid
Experience: 
Senior (5-10 years)
Work from: 
Silver Spring (US)

Offer summary

Qualifications:

BS in Information Technology preferred, At least 5 years of recent experience, Knowledge of DOC, NOAA, and NWS policies, Certifications such as CISSP or CISA required.

Key responsabilities:

  • Conduct security assessments for cloud systems
  • Schedule and review authorization packages
ZEN STRATEGICS LLC logo
ZEN STRATEGICS LLC Information Technology & Services TPE http://zenstrategics.com/
2 - 10 Employees
About ZEN STRATEGICS LLC
Zen Strategics is a minority owned SBA 8(a) Certified niche consulting firm, offering innovative Cybersecurity, Cloud Migration, and Information Technology Modernization solutions. Being small allows us to be nimble, scalable, and responsive. We make sure your IT plan addresses critical security risks & vulnerabilities, continuity of operations and business impact requirements. We partner with agencies and offices to bring sustainable and cost-effective solutions to our clients as per their requirements, attributes, and constraints. Cybersecurity underpins and enables any technology-powered enterprise. We treat it as a solution-stack built and managed for the best ROI, taking a holistic approach to network protection. By integrating state-of-the-art solutions into existing security infrastructures, we quantify, visually represent, and reduce cyber risk. Core Capabilities: Controlled Unclassified Information (CUI) Governance, Implementation & Assessments, Cyber Security - Strategy & Operations, Cloud – Fed RAMP & IV&V, Mobility & Big Data, Program Management, Corporate Strategy, Market & Competitive Analysis, Systems Engineering, Business Operations, Wireless & Telecom (Public Safety/Interoperability), Strategic Alliances, Mergers & Acquisitions(Advisory, Due Diligence & Support) Federal Clients: Pension Benefit Guaranty Corporation (PBGC), Department of Education (DoEd), Small Business Administration (SBA), General Services Administration (GSA) EIS support, Housing & Urban Development (HUD), Department of Labor (DOL) OCIO, DHS NPPD Federal Network Resilience (FNR), DHS Science and Technology Directorate (S&T), Federal Communications Commission (FCC), Department of Commerce – NOAA, Department of Energy - Environmental Management, Federal Emergency Management Authority (FEMA), Department of Commerce, Census Bureau. Contract Vehicles – GSA MAS 54151S, 54151HACS, 518210ERM NAICS - 541511, 541512, 541513, 541519, 541611, 541618, 541690, 518210, 541330, 611430
See more ZEN STRATEGICS LLC offers

Job description

Description

About Zen:  

Own your opportunity to work with a client-focused agile small business. Make an impact by advancing our government organizations charged with keeping our country safe, prosperous, and secure. Zen Strategics, LLC is a cleared, minority-owned SBA 8(a) specialized consulting firm, offering innovative Cybersecurity, Cloud Migration, and Information Technology Modernization. We are a leading organization committed to delivering innovative solutions and ensuring the highest standards of security for our customers' digital assets. We are dedicated to staying ahead of evolving cyber threats and protecting our clients' data with cutting-edge technologies and proactive security measures.??  


Position Description:  

Seize your opportunity to make a personal impact as a Security Assessment Specialist. Zen is your place to make meaningful contributions to challenging projects and grow a rewarding career. As a Security Assessment Specialist, you will be responsible for ensuring the accurate and timely accomplishment of our client’s security controls assessments in accordance with DOC, NOAA, and NWS policies and procedures for implementation of the Risk Management Framework. This position is a key member of our client delivery Assessment and Authorization (A&A). We are actively seeking a highly proficient Security Assessment Specialist able to with general guidance conduct assessments on Cloud systems, blended On Prem systems with cloud components, including combinations of Software as a Service (SAAS), Platform as a Service (PAAS) and Infrastructure as a Service (IAAS) topologies. Cloud services are from various vendors (Microsoft (MS) Azure, Google Cloud, Amazon Web Services (AWS), along with scheduling penetration tests. Position requires being present during core business hours of 9:00 AM to 3:00 PM and cannot begin work any earlier than 7 AM. Work is authorized to be performed from a remote location 2-3 days a week. However, be able to be onsite with as little as 24 hours' notice. 

Requirements

 

Responsibilities:  

As a Security Assessment Specialist, you’ll be Zen’s expert, developing and implementing security standards and best practices for cloud infrastructure and solutions in AWS, Azure, OCI, and GCP cloud platforms hosted in FedRAMP and FedRAMP environments. You’ll assist the ISSM in meeting their duties and responsibilities by scheduling, preparing, reviewing, and updating authorization packages. You’ll ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Analyze, plan, and develop projects plans as directed by NWS ISSM. Determines and defines clear deliverables to meet requirements and customer requests. Builds and maintains internal relationships with IT process owners supporting the service and assists with the definition and agreement of Operating Level Agreements. Coordinate with Operations and Maintenance (O&M) teams to drive compliance with Security Controls and requirements.  

Required Education/ Qualifications: 

  • Education: BS in Information Technology, Project Management, or Cybersecurity preferred 
  • Experience:  
  • Knowledge of DOC, NOAA, and NWS IT security policies and implementation standards or those of similar sized organizations AND comprehensive understanding of NIST guidance to include, but not limited to, NIST Special Publications and Federal Information Processing Standards. 
  • At least 5 years of recent experience (within the last 6 years) in applying IT security concepts, methodologies, principles, procedures and using industry-standard IT security tools. 
  • At least 5 years of recent experience (within the last 6 years) with enterprise architecture methodologies, concepts, procedures, principles, and tools. 
  • At least 5 years of recent experience (within the last 6 years) in contingency planning and backup and recovery best practices and application of NIST guidance in this area. 
  • At least 5 years of recent experience (within the last 6 years) in using technical testing tools (Tenable Security Center, ArcSight, IBM Big Fix, etc.). 
  • At least 5 years of recent experience (within the last 6 years) in conducting penetration testing or the ability to bring in a penetration tester when required. 
  • At least 5 years of performing assessments of Federal Information Systems using the Risk Management Framework. 
  • US Citizenship Required.  
  • Certifications: Possess at least one of the following professional certifications required by DOC Enterprise Cybersecurity Policy (ECP) Annex C-1: Information System Security Training for Significant Roles for a Certification Agent/Security Controls Assessor:  
  • Certified Information Systems Security Professional (CISSP) 
  • Certified Information Systems Auditor (CISA) 
  • GIAC Certified Incident Handler (GCIH) 
  • GIAC Systems and Network Auditor (GSNA)  
  • Electronic Commerce Council Certified Ethical Hacker (CEH) 
  • ISC2 Certified in Governance, Risk and Compliance (CGRC) 
  • Security Certified Network Professional (SCNP) 
  • Security Certified Network Architect (SCNA) 

If you do not possess one of the certifications above, you must provide documentation showing you have already taken training and copy examination scheduled.  You must pass the exam within six months of joining Zen Strategics.  

  • Strong written and verbal communication and collaborative team interpersonal skills. 
  • Ability to manage multiple projects simultaneously. 
  • Proficiency in interview skills 
  • Proficiency in interpersonal skills. 
  • Proficiency in handling multiple tasks concurrently. 
  • Successful completion of background investigation without any adverse findings are required. Knowledge of and experience with the technical and administrative information system security requirements for high impact, high availability systems in government organizations is required. 

Zen Serenity

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Information Technology & Services
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

Penetration TestingCyber Security AssessmentRisk Management FrameworkCloud SecurityNIST 800-37Backup And RestoreGoogle Cloud Platform (GCP)Amazon Web ServicesContingency PlanningGainsightMicrosoft AzureGcov

Other Skills

  • Teamwork
  • Communication
  • Social Skills
Are you interested?

Security Analyst Related jobs

See more Security Analyst jobs
Sign in or sign up with Google or LinkedIn