Security Assessor jobs in United States
cer-icon
Apply on Employer Site
company-logo

TLA-LLC · 2 months ago

Security Assessor

positionWashington, District of Columbia, United States
timeFull-time
remoteOnsite
seniorityMid Level

TLA-LLC is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications. This role involves conducting comprehensive assessments, identifying vulnerabilities and security risks, and collaborating with IT and development teams to recommend and validate remediation strategies.

Information Technology & Services
check
Growth Opportunities

Responsibilities

Conduct Security Assessments: Perform in-depth evaluations and testing of management, operational, and technical security controls across various systems, networks, and software applications
Identify Vulnerabilities and Risks: Utilize assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document findings, and assess the severity of risk
Documentation and Reporting: Prepare detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms), for identified weaknesses and deficiencies
Ensure Compliance: Verify and validate that systems and processes meet established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP)
Remediation and Collaboration: Collaborate with system owners, IT teams, and developers to recommend corrective actions, provide guidance on secure practices, and ensure the proper implementation of mitigation strategies
Continuous Monitoring: Support the development and implementation of a continuous monitoring strategy and assess proposed changes to information systems that could affect their security posture
Stay Current: Monitor and analyze security trends, threats, and new technologies to stay updated on emerging risks and mitigation techniques

Qualification

Cybersecurity principlesRisk management frameworksVulnerability scanningPenetration testingSecurity Assessment PlansCompliance standardsDocumentation skillsCommunication skillsCollaboration skills

Required

Deep understanding of cybersecurity principles
Knowledge of risk management frameworks
Ability to communicate complex information clearly to technical and non-technical stakeholders
Experience in conducting in-depth evaluations and testing of management, operational, and technical security controls
Proficiency in utilizing assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review)
Experience in preparing detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms)
Knowledge of established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP)
Experience in collaborating with system owners, IT teams, and developers to recommend corrective actions and provide guidance on secure practices
Experience in supporting the development and implementation of a continuous monitoring strategy
Ability to monitor and analyze security trends, threats, and new technologies

Company

TLA-LLC

twitter
company-logo
TLA, LLC is a technology services and solutions company providing the U.S.
dateFounded in 2023
location
Fairfax County, VA, US
people-size11-50 employees
web-link
https://tla-llc.com

Funding

Current Stage
Early Stage
Company data provided by crunchbase