Infojini Consulting is a full-service IT consulting, services, and staffing firm seeking a Principal Security Specialist to perform security assessments and technical security reviews for classified and unclassified systems.
Requirements
- Perform Security Assessments and Technical Security Reviews (TSR) for classified and unclassified systems;
- Ensure adherence to the DHS Systems Engineering Lifecycle (SELC) and Change Management (CM) principles;
- Develop and update testing procedures, Rules of Engagement (RoE) and security assessment scripts;
- Review output from existing vulnerability assessment tools (Nessus, AppDetective, etc.) to validate findings and identify false positives;
- Identify security risks, threats and vulnerabilities;
- Use NIST SP 800-53 (Rev 3 and 4) and DHS 4300A/B controls for testing the security controls within the C&A phase;
- Review security controls using manual processes and automated tools;
- Create, review, and edit System Security Plans (SSP);
- Perform Risk Analysis;
- Work with ISSOs, developers, and System Owners on the assessment of systems under test;
- Develop Security Assessment Reports (SAR).