Security Testing Lead

5 - 7 years experience  • 

Salary depends on experience
Posted on 04/20/18
Mclean, VA
5 - 7 years experience
Salary depends on experience
Posted on 04/20/18


JOB DESCRIPTION:
The position will be lead a team of security test engineers, responsible for assuring the adherence of Center of Medicare & Medicaid Services (CMS) security controls for mission critical systems.

Job duties/responsibilities:

- Conduct technical evaluation of information system design, focusing on information security aspects and accreditation
- Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
- Perform vulnerability/risk assessment analysis to support accreditation and other program protection activities
- Prepare and review program documentation to include Risk Assessment Reports, Accreditation Packages, and security policy guides
- Coordinate with external organizations and guide accreditation packages through the customer process
- Review requests for software installation and conduct technical risk assessment on implementation of the software
- Work closely with system administrators to validate patching, AV definitions and other security tools are updated/not vulnerable
- Coordinate and track security action requests and status
- Assist contractors with facility designs to incorporate appropriate security features, conduct pre- accreditation inspections, and provide assistance in preparation of accreditation documents
- Conduct periodic assessments of contractor facilities to ensure compliance with security requirements tailoring requirements as needed
- Assist customer staff with resolving any operational security issues involving supporting contractors
- Maintain operational security posture for the program
- Conduct weekly auditing requirements and analyze results

Qualifications:

TYPICAL EDUCATION AND EXPERIENCE:

- Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience

REQUIRED SKILLS:

- The ISSE provides technical expertise on computer network design, implementation, and accreditation.
- The ISSE also provides oversight and coordination for multiple contractors supporting program objectives.
- Qualified candidates. Must be available/able to travel up to 25%
REQUIRED EDUCATION AND EXPERIENCE:

- Bachelor’s and 5 years exp or Master’s Degree
- Candidate must be a great communicator (written and verbal) and be able to work with a group or independently
- Excellent interpersonal skills
- Expertise in certification and accreditation
- Expertise in NIST 800-53 policies and implementation
- Direct ISSO and/or ISSE experience working with accreditations
- Experience interacting with program ISSM staff
- Experience with program security and information systems security best practices
- Familiarity with security accreditation process
- Experience managing privileged user requirements
- Ideal candidate will be self-motivated, organized, and detail oriented
PREFERRED:

- CISSP, Security+ or equivalent certifications
- Familiarity with applicable HHS and CMS policies, procedures and operating instructions related to program security, information assurance and information management

(Job Number:435770)

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.