Monster is currently seeking a Security Controls Assessor (SCA) for a position open in McLean, VA. The ideal candidate must be familiar with assessment and testing methodologies aligned with FedRAMP, Continuous Compliance, and 800-53A testing guidelines. This position will work directly with technical and business leadership across the organization to select, deploy and validate security controls to ensure security and compliance requirements are maintained for FedRAMP accredited systems.
- Conduct comprehensive assessments of the management, operational, and technical security controls employed within or inherited (Common Controls Provider) by the system to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).
- Perform oversight of the development, implementation and evaluation of information system security program policies and procedures.
- Provide an assessment of the severity of weaknesses or deficiencies discovered in the system and its environment of operation and recommend corrective actions to address identified vulnerabilities.
- Advise system owner, technical, and operations teams on security testing methodologies and processes.
- Conduct certification tests that include verification of features and security controls required for FedRAMP Moderate level systems and maintain a repository for all objective evidence (collective Body of Evidence (BoE)) for certification/accreditation documentation.
Bachelor’s Degree in Information Systems, Engineering, or equivalent work experience.
Expert knowledge of FedRAMP, NIST 800-53A, and FISMA frameworks.
Strong project management and communication skills (written and oral) with internal organizations and external/internal auditors.
Minimum three (3) years of hands-on experience implementing, assessing and managing security controls for federal environments or systems accredited through FedRAMP.
Understanding of best practices for conducting web application and infrastructure hosting vulnerability testing.
Understanding of information security concepts and methodology and ability to learn new technologies.
Ability to develop good working relationships with customers, colleagues and other stakeholders.
Public Trust Clearance and/or Federal Agency specific clearances.