Assessment Specialist

Job Description:

Assessment Specialist Summary:

Signature Consultants is seeking an Assessment Specialist for an opportunity Merrifield, VA. Our Client is seeking a professional and experienced Sr. Assessment Specialist to join our team and support the Center for Internet Security (CIS) Critical Security Controls (CSC) team. 

Responsibilities:

• Leverage working knowledge of the CIS Critical Security Controls including all associated sub-controls to facilitate ongoing security maturity assessments across the enterprise.
• Research, develop, and document CSC maturity metrics, artifacts, and workflows relevant to the CIS Top 20 Controls identifying status of tool procurements, implementations, SIEM integrations, and/or decommissioning across multiple enterprise networks.
• Conduct analysis and technical security mapping to identify gaps and provide executive-level understanding of current and future states of CIS maturity.
• Coordinate with key stakeholders across the organization to identify technology and policy mapping to each CSC sub-controls, gaps, and current/future status.
• Develop in-depth executive level briefings for Executive Leadership Team (ELT) on CIS CSC maturity, tools, implementation status, etc.
• Analyze organizational policies with CIS best practices and provide recommendations on areas for improvement to increase maturity based on the CIS CSCs.
• Consolidate and integrate feedback from deep dive reviews with key stakeholders and manage team documents to central SharePoint site.
• Update maturity status on a quarterly basis and report changes to ELT.
• Provide recommendations for improvement based on assessment results to include changes to Standard Operating Procedures and other policies.

Qualifications:

• Bachelor’s Degree – IT, Cybersecurity, or Management Information Systems (Not required)
• 3-5 years of related experience in information technology and/or information security conducting risk assessments to identify security gaps, assessing controls, and providing recommendations and reporting to executive leadership.
• Fundamental understanding of computer networking (TCP/IP, DNS, Firewalls, Proxies, Routers, Switches, etc.)
• Knowledge of Windows and Linux operating systems and information security components
• Knowledge ofCybersecurity technologies to include:
  • Asset Configuration Management
  • Intrusion Detection/Prevention Systems (IDS/IPS)
  • Security Incident and Event Management (SIEM)
  • Antivirus
  • Networking
  • Security Vulnerability Scanning
  • Incident Response
• Certifications: CompTIA Security+, Network+, A+, CISSP, CEH (Preferred)
• S. Citizens, Green Card Holders, and those authorized to work in the U.S. for any employer will be considered.

About Signature Consultants, LLC

Headquartered in Fort Lauderdale, Florida, Signature Consultants was established in 1997 with a singular focus: to provide clients and consultants with superior staffing solutions. For the seventh consecutive year, Signature was voted as one of the “Best Staffing Firms to Work For” and is now the 14th largest IT staffing firm in the United States (source: Staffing Industry Analysts). With 26 locations throughout North America, Signature annually deploys thousands of consultants to support, run, and manage their clients’ technology needs. Signature offers IT staffing, consulting, managed solutions, and direct placement services. For more information on the company, please visit www.sigconsult.com.