Jan 14
Secret
Mid Level Career (5+ yrs experience)
$125,000 - $150,000
IT - Security
Aber Prov Grd, MD (On/Off-Site)
POSITION: Cybersecurity Technical Auditor
LOCATION: Aberdeen Proving Ground, MD
SCOPE: Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC).
RESPONSIBILITIES:
Secure Code Review
Utilize HP Fortify to examine code scan results submitted by developers.
Identify and verify noted false positives
Provide comments on scan results and vulnerabilities present, recommend POA&M mitigations.
Software and Hardware Assessments
Install software on isolated VM and assess software against 800-53 controls and AS&D STIG
Utilize Wireshark and Attack surface analyzer to assess software traffic and connections
Assess Hardware against named STIG or SRG
Document assessment results and potential mitigations
Assist with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations
STIG checklist reviews for packages managed by the branch
Auditing of technical controls within eMASS.
QUALIFICATIONS:
Bachelor’s Degree in directly related field and at least 5 years of relevant experience; Relevant work experience may be substituted for Bachelor's degree
Must hold one of following certifications:
CSSP-AU
CISA
IASAE
CASP+CE, CISSP or associate, CSSLP
Must possess DOD 8570.01-M certifications meeting the requirements for IAT Level II or IAM Level I.
Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
Specialized experience in AS&D STIG compliance, secure software development/testing, static and dynamic code analysis, software assurance, software assessments, application threat modeling, performing software and hardware risk and vulnerability analysis, or a closely related function, such as technical assessment of software for networks, applications and systems; using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, and other software assurance tools.
SECURITY CLEARANCE:
Ability to obtain/maintain Secret clearance is required
LOCATION: Aberdeen Proving Ground, MD
SCOPE: Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC).
RESPONSIBILITIES:
Secure Code Review
Utilize HP Fortify to examine code scan results submitted by developers.
Identify and verify noted false positives
Provide comments on scan results and vulnerabilities present, recommend POA&M mitigations.
Software and Hardware Assessments
Install software on isolated VM and assess software against 800-53 controls and AS&D STIG
Utilize Wireshark and Attack surface analyzer to assess software traffic and connections
Assess Hardware against named STIG or SRG
Document assessment results and potential mitigations
Assist with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations
STIG checklist reviews for packages managed by the branch
Auditing of technical controls within eMASS.
QUALIFICATIONS:
Bachelor’s Degree in directly related field and at least 5 years of relevant experience; Relevant work experience may be substituted for Bachelor's degree
Must hold one of following certifications:
CSSP-AU
CISA
IASAE
CASP+CE, CISSP or associate, CSSLP
Must possess DOD 8570.01-M certifications meeting the requirements for IAT Level II or IAM Level I.
Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
Specialized experience in AS&D STIG compliance, secure software development/testing, static and dynamic code analysis, software assurance, software assessments, application threat modeling, performing software and hardware risk and vulnerability analysis, or a closely related function, such as technical assessment of software for networks, applications and systems; using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, and other software assurance tools.
SECURITY CLEARANCE:
Ability to obtain/maintain Secret clearance is required
group id: 10124333
