Security Control Assessor

ECS is seeking a Security Control Assessor with 5+ years of Cybersecurity experience, to work Remotely. Please Note: This position is contingent upon contract award. Salary Range: $90,000 – $115,000 General Description of Benefits Qualifications Strong written and verbal communication skills. Strong communication ability across all levels of management. Experience in planning and completing assessments independently and or with a team of security control assessors Three (3)+ years’ experience supporting security assessment teams is required. Experience in presenting control requirements and deficiencies to both technical and non-technical audiences. Experience performing detailed, full-scope technical security control testing for each of the component types, including development of security and privacy assessment plans is required. Ability to analyze information system configurations and technical specifications against NIST SP 800-53 and other overlays Possesses a strong understanding of the NIST Special Publication 800-53 security and privacy controls, the NIST Cybersecurity Framework and other information security and privacy laws and regulations. Experience with development and writing of risk-based assessments and documentation. Experience with Power automate, Power BI, & Microsoft Project Online. Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities. Experience with cloud technology offerings from AWS and Azure and assessing systems hosted within those environments. Experience performing assessment in accordance with the policies, procedures, and standards of the Office of Management and Budget (OMB), the National Institute of Standards and Technology (NIST), and Treasury. Certifications/Licenses: Bachelor’s degree or higher in Computer Science’s, MIS/IT, Engineering, Information Security/IA, or related discipline to work requirement Five (5)+ years of Information Security experience required. Two (2)+ years of experience with the use of eGRC tools.