POSITION: Cybersecurity Technical Auditor
LOCATION: Aberdeen Proving Ground, MD
SCOPE: Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC).
- Secure Code Review
- Utilize HP Fortify to examine code scan results submitted by developers.
- Identify and verify noted false positives
- Provide comments on scan results and vulnerabilities present, recommend POA&M mitigations.
- Software and Hardware Assessments
- Install software on isolated VM and assess software against 800-53 controls and AS&D STIG
- Utilize Wireshark and Attack surface analyzer to assess software traffic and connections
- Assess Hardware against named STIG or SRG
- Document assessment results and potential mitigations
- Assist with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations
- STIG checklist reviews for packages managed by the branch
- Auditing of technical controls within eMASS.
- Bachelor’s Degree in directly related field and at least 5 years of relevant experience; Relevant work experience may be substituted for Bachelor’s degree
- Must hold one of following certifications:
- CASP+CE, CISSP or associate, CSSLP
- Must possess DOD 8570.01-M certifications meeting the requirements for IAT Level II or IAM Level I.
- Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
- Specialized experience in AS&D STIG compliance, secure software development/testing, static and dynamic code analysis, software assurance, software assessments, application threat modeling, performing software and hardware risk and vulnerability analysis, or a closely related function, such as technical assessment of software for networks, applications and systems; using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, and other software assurance tools.
- Ability to obtain/maintain Secret clearance is required
To apply for this job email your details to ATECemail@example.com