We seek a Security Control Assessor / Security Officer for our client in their Ft. Lauderdale, FL office. This is a 6 to 12-month engagement to start and may be extended well beyond that. This is a great client with a relaxed yet professional environment that places a high value on its employees and contractors.
This Security Control Assessor / Security Officer's key role managing several smaller projects while creating and providing POAMs / POA&M from previously completed risk assessments to technical teams for remediation. In addition, the Security Control Assessor / Security Officer’s Manager role will be responsible for explaining each POAM / POA&M to the appropriate technical operations team members and following each POAM / POA&M through until completion.
The Security Control Assessor / Security Officer must have documented experience with the NIST RMF and SP800-53r4 security controls as well as performing NIST RMF based risk assessments and\or experience with creating NIST SP800-18r1 security plans.
Additional titles you may have called yourself include:
SENIOR INFORMATION SECURITY OFFICER
AUTHORIZING OFFICIAL DESIGNATED REPRESENTATIVE
COMMON CONTROL PROVIDER
INFORMATION SYSTEM OWNER
INFORMATION SYSTEM SECURITY OFFICER
INFORMATION SECURITY ARCHITECT
INFORMATION SYSTEM SECURITY ENGINEER
- 5+ years of information security / IS risk, assessment, and other forensic work including the duties above and tools below
- 2+ years of extensive project managment work, leading projecst through all phases from planning (i.e. POA&M creation) through all steps of implementation and completion.
- MUST HAVE NIST RMF and SP800-53r4 security controls as well as performing NIST RMF based risk assessments and\or experience with creating NIST SP800-18r1 security plans
- Intimate knowledge of and experience with the NIST RMF and NIST SP800-53r4 security controls is required
- Experience with AccessData’s Forensic Toolkit / FTK tool is preferred but those experienced with eMASS, Xacta, RSA Archer, or DIACAP to NIST conversion or other tools that use NIST based controls will be sufficient
- Experience with LogRhythm is a plus
- Bachelor’s degree preferred, or the additional equivalent of work experience will be considered in lieu of this
Please send resumes to Jon Meredith at firstname.lastname@example.org or call 954.715.4793
For a complete list of jobs visit http://www.arcgonline.com