Information Security Assessor
Knowledge Consulting Group (KCG) is one of the largest privately held cybersecurity services firms in the United States, serving as a Federal Government Contractor and supporting Commercial customers. We operate as a trusted cyber advisor to our customers across the country. We take great pride in maintaining a single focus on being the leader in cybersecurity services, providing risk management, governance, operations, and compliance services, utilizing our CISO framework methodology. We are uniquely positioned as a trusted cyber advisor with over 90 percent of our cyber professionals holding security clearances and security-specific certifications. With over 12 years of experience in providing cybersecurity services to our customers, we have a strong record of past performance in advising and executing cyber missions for all types of organizations and sectors.
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Public trust, Secret, or Top Secret clearance is desirable.
The Information Security Assessor will be a key team member of a security assessment team that will conduct monthly on-site IT security assessments for a federal government client. The assessor will conduct approximately 12-18 assessments each year across the United States in a fast-paced work environment.
-Determining the technical scope for security assessments
-Conducting interviews with key client stakeholders to evaluate the current information security practices
-Evaluating management, operational, and technical security policies and procedures
-Reviewing security policy and procedural documentation
-Reviewing network architecture diagrams and evaluating network access controls
-Reviewing system configuration data to identify security weaknesses
-Developing recommendations for security issues and vulnerabilities identified during assessments
-Communicating results to clients ranging from technical staff to executive management
-Developing tools to increase the level of automation for security assessment and reporting methodologies
-Providing ongoing subject matter expert support for clients
-8 or more years of experience in analyzing security controls and developing solutions to security problems
-5 or more years of experience working with NIST IT security guidance
-Excellent communications and oral presentation skills
-Experience performing security assessments and compliance assessments with NIST, PCI DSS, ISO 27001/27002, or other security control frameworks
-CISSP or CISA certifications desired, but not required
-Experience conducting interviews with client teams ranging from technical IT staff to senior executives
-Experience performing assessments of information security policies and procedures
-Experience evaluating the following IT security disciplines: continuity planning, contingency planning, disaster recovery planning, incident response, personnel security, access management, security awareness training
-Experience in evaluating the configurations of firewalls, routers, switches, and other network devices
-Experience evaluating Microsoft Windows, Unix, Linux, and Novell operating systems and applications
Strong verbal and written communication skills are highly preferred. It is highly desired that candidates possess strong interpersonal skills. Candidates must be fluent in the English language.
Candidates may be asked to provide a writing sample.
Knowledge Consulting Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status.
If interested in the position, please apply directly through our website:
If you have questions or have trouble applying, you may contact: firstname.lastname@example.org.