Cybersecurity Assessment Tester- Lead

Apply for this position Please mention DailyRemote when applying
timePosted 11 days ago location United States salarySalary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Alpha Omega Integration, LLC., a Virginia Business Best Places to work for 2012-2020, along with recognition such as the Virginia Chamber of Commerce Fantastic 50, Inc. 5000 143, Washington Technology Fast 50 11, and the Vanguard Top Service Company Award is actively seeking passionate leaders to join our team, support our nationrsquos government agencies, and make a difference! Why Us? We foster a culture that values hard work and integrity. We are constantly awarding those who are self-starters, trustworthy, and have a good work ethic. If you like working with the latest in IT solutions and are looking to join an organization that is consistently voted one of the best in which to work, then check out your next career opportunity below! We are actively seeking team members who enjoy meeting challenges with a smile. We offer a fast-paced, growing environment that takes care of the overall development of our employees. Alpha Omega has an exciting opportunity for you to be part of a team where yoursquoll have the opportunity to make a difference. Cybersecurity Assessment Tester, Lead Clearance Required Able to Obtain SECRET or TOP SECRET clearance Work Location 100 remote, then potential for work relocation to Washington, DC metro area Position DescriptionScope of Work General Description The Cybersecurity Assessment Tester, Lead supports our larger Team by leading a team of 4 staff conducting highly technical and Independent Verification and Validation (IVV) assessments of known and unknown vulnerabilities and Security Content Automation Protocol (SCAP) policy compliance levels in hosts, networks, web applications, code, databases, and special-purpose systems. This includes the use of common vulnerability assessment tools, including hostnetwork scanners, database testers, penetration testing frameworks, dynamicstaticinteractive application security testing tools, fuzzers, and other similar tools, as well as manual methods. Assessment includes identification, validation, risk assessment, development of mitigating methods, verification of methods to remediate or mitigate, and determining the extent of exposure. Responsibilities and Duties Obtain and maintain a DHS Public Trust, Entry on Duty Supervise the performance and tasks of team staff, to include prioritization and assignments Represent the Testing Team to our Project Manager and Program Manager as well as the Government, to include statprogress reporting and technical testing discussions Conduct IVV testing and analysis against system vulnerabilities identified at all levels of a system to include but not limited to application, operating system, and firmware layers Support source code reviews and determine valid findings through scan analysis utilizing a variety of automated and manual testing tools Collaborate with Program Office system developers in understanding the security risk related to the application, to include source code Use automation across all platforms of technology and processes to ensure maximum optimization Conduct assessments and analysis against systems within Agile Framework, Cloud Service Provider (CSP), and Development Security Operations (DevSecOps) environments to ensure cyber capabilities are being developed and maintained within acceptable risk thresholds Ensure all testing is performed as an independent third party, assessing systems within the agency and independent of Program Offices Ensure dynamic testing is conducted against software applications Provide standard operating procedures that support detailed procedures conducted in IVV testing that are repeatable and measurable. develop security test plans and reports in support of all IVV test events Conduct testing and analysis against IT systemrsquos security control implementation and measure its effectiveness Work closely with engineers and developers to obtain needed access, discuss and debate efficacy of remediation or mitigation actions, and make independent determination as to status Required Skills Excellent communication skills (verbal and written) with a keen attention to detail. Candidate must be comfortable discussing status and risksproject impacts with all levels of management and project stakeholders Ability to supervise and lead a small team of technical testers while performing in an individual contributor role Appropriately assertive in communications, without being aggressive or passive-aggressive Exceptional interpersonal skills. This position requires daily interaction with peers, stakeholders, and management and perform discussions, debates, and negotiations regarding risk concepts and technical, management, and operational actions taken to reduce risk Proactive researcher and learner to solve new challenges and understand new concepts and technologies Ability to work independently without a lot of oversight Strong ability to use OWASP to identify and remediate common web application vulnerabilities Strong Time Management skills Technical understanding of concepts related to vulnerabilities and Security Content Automation Protocol (SCAP) policy variances in hosts, networks, web applications, and databases Working expertise to perform technical testing and assessment with industry tools such as Nessus, WebInspect, AppDetective, Kali Linux, Core Impact, Fortify, Burp Suite, AppScan, Qualys, Rapid7, dbProtect, AppDetective, and others Required Experience Minimum 10+ years of experience in technical aspects of Cybersecurity andor IT Security 5+ years of experience in a Federal Cybersecurity environment working under FISMA and the Risk Management Framework (RMF) Experience serving as a penetration tester, vulnerability tester, technical assessor, ethical hacker, or similar role Required Certification(s) Combination of CISSP, CISM, CEH, GPEN, OSCP, GWEB, OSWE, Microsoft, Cisco, or similar Required Education Masterrsquos degree or higher in an Information Technology or Cybersecurity field. May be substituted with years or experience and certifications Alpha Omega Integration, LLC (Alpha Omega) is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Alpha Omega will be based on merit, qualifications, and abilities. Alpha Omega does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, IWDs, Veteran Status or any other characteristic protected by law (referred to as "protected status).rdquo