Cybersecurity Technical Auditor - Akima, LLC

SAVA is looking for a Cybersecurity Technical Auditor to work at Aberdeen Proving Ground, TX.

Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC).  Responsibilities include:

• Performs Secure Code Review 
  • Uses HP Fortify to examine code scan results submitted by developers.
  • Identifies and verifies noted false positives.
  • Provides comments on scan results and vulnerabilities present, recommend POA&M mitigations.   
• Conducts Software and Hardware Assessments
  • Of installed software on isolated VM and assess software against 800-53 controls and AS&D STIG,
  • Uses Wireshark and Attack surface analyzer to assess software traffic and connections.
  •  Assesses Hardware against named Security Technical Implementation Guides (STIGs) or Security Requirements Guides (SRGs).
  • Documents assessment results and potential mitigations.
• Assists with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations.
• STIG checklist reviews for packages managed by the branch.
• Provide auditing of technical controls within eMASS.

• Plans and implements security measures to protect computer systems, networks, and data from loss and service interruptions.
• Analyzes and documents security risks, breaches, and other cyber security incidents and the damage they cause.
• Oversees the monitoring of the computer networks for security issues.
• Installs and operates security software and measures to protect systems and information infrastructure, including firewalls and data encryption programs.
• May train staff on network and IT security procedures.
• Handles complex issues and problems and refers only the most complex issues to higher-level staff.
• Possesses comprehensive knowledge of subject matter.
• Performs work under minimal supervision.
• May act as a lead.

• Active Secret security clearance
• Bachelor’s Degree in directly related field and at least 5 years of relevant experience; relevant work experience may be substituted for bachelor’s degree.
• Must hold one of following DOD 8570 baseline certifications:
  1. CSSP-AU (CEH, CySA+ (formerly CSA+), CISA, GSNA, CFR, PenTest)
  2. IAT III or IASAE (CASP+CE, CISSP (or Associate), CSSLP) 
• Must possess DOD 8570 baseline certifications meeting the requirements for:
  1. IAT Level II or IAM Level I
• Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
• Specialized experience in:
  • AS&D STIG compliance
  • Secure software development/testing
  • Static and dynamic code analysis
  • Software assurance, software assessments application threat modeling.
  • Performing software and hardware risk and vulnerability analysis or a closely related function, such as technical assessment of software for networks, applications and systems.
  • Using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, or other software assurance tools. 

This Hybrid position requires applicants to be within 1.5 – 2 hours commute from Aberdeen Proving Ground, MD or FT Cavazos, TX for IT support.