Security Assessor

Vaga não está no LinkedIn

🕒 Novembro 13, 2025

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

DataLock Consulting Group

SiteLinkedInTodas as Vagas

11 - 50 funcionários

Fundada em 2013

🔒 Cibersegurança

📋 Conformidade

Cybersecurity • Compliance • Healthcare

A DataLock Consulting Group é uma empresa de consultoria em cibersegurança que se especializa no desenvolvimento de programas de segurança, conformidade e arquitetura e engenharia de segurança. Eles acreditam em integrar a cibersegurança na base de redes e sistemas, em vez de tratá-la como uma consideração secundária. Atendem a diversos setores, incluindo governo, financeiro, aeroespacial e saúde, oferecendo serviços como gestão de risco, avaliações de segurança e segurança em nuvem.

Descrição

• Conduct security control assessments of the security and privacy controls implemented by an information system to determine the overall effectiveness of the controls • Develop, document and review System Rules of Engagement (ROE), Security Assessment Plans (SAPs) and Security Assessment Reports (SARs). • Perform quality control on the assessment and associated deliverables. • Participate as an individual contributor for complex system assessments. • Develop practical and risk-based approaches for security control implementation and vulnerability remediation. • Work closely with ISSOs (contractors and Government) and the technical team and ensure all appropriate A&A supporting documentation is provided prior to conducting the assessment. • Conduct Security Assessment Kickoff briefings and SAR briefings. • Analyze security control findings for information systems and applications to convey weaknesses. • Document security assessment results accurately; read, understand, and convey vulnerabilities found during the assessments. • Perform audits of each system and provide an authorization recommendation based on determination of risk to the customer.

🎯 Requisitos

• 1+ years of experience performing security testing and/or security control assessments. • 1+ years of experience with developing and documenting the SAPs, and SARs. • 1+ years of experience utilizing NIST 800-53 and 800-53A. • Knowledge of the NIST Cybersecurity Framework, Risk Management Framework, FIPS, and other NIST A&A publications. • Experience assessing and providing recommendation on the following: Privacy Impact Assessment, Risk Assessment, System Security Plan, Disaster Recovery / Contingency Plan, and Incident Response Plan. • Knowledge of the Systems Development Life Cycle (SDLC) and its application in the development of technology solutions. • Knowledge and skills to perform and document the assessment. • Understanding of tools such as Nessus, Web Inspect, Db Protect and Splunk. • Familiar with the cloud environments (services/security) and FedRAMP A&A process. • Effective verbal and written communication skills with ability to effectively communicate with all levels of users and teammates both written and verbally. • Effective technical writing and documentation processing skills.

🏖️ Benefícios

• Remote Job • Competitive salary • Professional development opportunities