Security Assessor TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ...
Logical Answer
2 jobs near Columbus, OH
Security Assessor TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ...
Administrative Assistant
Mclean, VA · On-site
$18.50 - $25/hr
Administrative Assistant We are seeking a highly organized, discreet, and proactive Administrative Assistant to support mission-critical operations within the Intelligence Community. The ideal ...
Administrative Assistant
Mclean, VA · On-site
$18.50 - $25/hr
Administrative Assistant We are seeking a highly organized, discreet, and proactive Administrative Assistant to support mission-critical operations within the Intelligence Community. The ideal ...
Other
Posted 2 days ago
Job description
Security Assessor
TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role involves conducting comprehensive assessments, identifying vulnerabilities and security risks, and working with IT and development teams to recommend and validate remediation strategies. The ideal candidate possesses a deep understanding of cybersecurity principles, risk management frameworks, and the ability to communicate complex information clearly to technical and non-technical stakeholders.
Key Responsibilities
· Conduct Security Assessments: Perform in-depth evaluations and testing of management, operational, and technical security controls across various systems, networks, and software applications.
· Identify Vulnerabilities and Risks: Utilize assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document findings, and assess the severity of risk.
· Documentation and Reporting: Prepare detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms), for identified weaknesses and deficiencies.
· Ensure Compliance: Verify and validate that systems and processes meet established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP).
· Remediation and Collaboration: Collaborate with system owners, IT teams, and developers to recommend corrective actions, provide guidance on secure practices, and ensure the proper implementation of mitigation strategies.
· Continuous Monitoring: Support the development and implementation of a continuous monitoring strategy and assess proposed changes to information systems that could affect their security posture.
· Stay Current: Monitor and analyze security trends, threats, and new technologies to stay updated on emerging risks and mitigation techniques.