Security Testing Lead

Scitor   •  

Mclean, VA

5 - 7 years

Posted 274 days ago

This job is no longer available.

The position will be lead a team of security test engineers, responsible for assuring the adherence of Center of Medicare & Medicaid Services (CMS) security controls for mission critical systems.

Job duties/responsibilities:

- Conduct technical evaluation of information system design, focusing on information security aspects and accreditation
- Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
- Perform vulnerability/risk assessment analysis to support accreditation and other program protection activities
- Prepare and review program documentation to include Risk Assessment Reports, Accreditation Packages, and security policy guides
- Coordinate with external organizations and guide accreditation packages through the customer process
- Review requests for software installation and conduct technical risk assessment on implementation of the software
- Work closely with system administrators to validate patching, AV definitions and other security tools are updated/not vulnerable
- Coordinate and track security action requests and status
- Assist contractors with facility designs to incorporate appropriate security features, conduct pre- accreditation inspections, and provide assistance in preparation of accreditation documents
- Conduct periodic assessments of contractor facilities to ensure compliance with security requirements tailoring requirements as needed
- Assist customer staff with resolving any operational security issues involving supporting contractors
- Maintain operational security posture for the program
- Conduct weekly auditing requirements and analyze results



- Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience


- The ISSE provides technical expertise on computer network design, implementation, and accreditation.
- The ISSE also provides oversight and coordination for multiple contractors supporting program objectives.
- Qualified candidates. Must be available/able to travel up to 25%

- Bachelor’s and 5 years exp or Master’s Degree
- Candidate must be a great communicator (written and verbal) and be able to work with a group or independently
- Excellent interpersonal skills
- Expertise in certification and accreditation
- Expertise in NIST 800-53 policies and implementation
- Direct ISSO and/or ISSE experience working with accreditations
- Experience interacting with program ISSM staff
- Experience with program security and information systems security best practices
- Familiarity with security accreditation process
- Experience managing privileged user requirements
- Ideal candidate will be self-motivated, organized, and detail oriented

- CISSP, Security+ or equivalent certifications
- Familiarity with applicable HHS and CMS policies, procedures and operating instructions related to program security, information assurance and information management

(Job Number:435770)