Cybersecurity Technical Auditor - Akima, LLC
Aberdeen Proving Ground, MD
About the Job
Overview:
SAVA is looking for a Cybersecurity Technical Auditor to work at Aberdeen Proving Ground, TX.
Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC). Responsibilities include:
- Performs Secure Code Review
- Uses HP Fortify to examine code scan results submitted by developers.
- Identifies and verifies noted false positives.
- Provides comments on scan results and vulnerabilities present, recommend POA&M mitigations.
- Conducts Software and Hardware Assessments
- Of installed software on isolated VM and assess software against 800-53 controls and AS&D STIG,
- Uses Wireshark and Attack surface analyzer to assess software traffic and connections.
- Assesses Hardware against named Security Technical Implementation Guides (STIGs) or Security Requirements Guides (SRGs).
- Documents assessment results and potential mitigations.
- Assists with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations.
- STIG checklist reviews for packages managed by the branch.
- Provide auditing of technical controls within eMASS.
- Plans and implements security measures to protect computer systems, networks, and data from loss and service interruptions.
- Analyzes and documents security risks, breaches, and other cyber security incidents and the damage they cause.
- Oversees the monitoring of the computer networks for security issues.
- Installs and operates security software and measures to protect systems and information infrastructure, including firewalls and data encryption programs.
- May train staff on network and IT security procedures.
- Handles complex issues and problems and refers only the most complex issues to higher-level staff.
- Possesses comprehensive knowledge of subject matter.
- Performs work under minimal supervision.
- May act as a lead.
- Active Secret security clearance
- Bachelor’s Degree in directly related field and at least 5 years of relevant experience; relevant work experience may be substituted for bachelor’s degree.
- Must hold one of following DOD 8570 baseline certifications:
- CSSP-AU (CEH, CySA+ (formerly CSA+), CISA, GSNA, CFR, PenTest)
- IAT III or IASAE (CASP+CE, CISSP (or Associate), CSSLP)
- Must possess DOD 8570 baseline certifications meeting the requirements for:
- IAT Level II or IAM Level I
- Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
- Specialized experience in:
- AS&D STIG compliance
- Secure software development/testing
- Static and dynamic code analysis
- Software assurance, software assessments application threat modeling.
- Performing software and hardware risk and vulnerability analysis or a closely related function, such as technical assessment of software for networks, applications and systems.
- Using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, or other software assurance tools.
This Hybrid position requires applicants to be within 1.5 – 2 hours commute from Aberdeen Proving Ground, MD or FT Cavazos, TX for IT support.
Source : Akima, LLC