Information Security Awareness Specialist supporting cybersecurity awareness programs at Amadeus. Combining data analysis, communication, and collaboration to enhance security practices.
About the role
- Security Controls Assessor performing security assessments and gap analysis for Federal agency clients in Washington, D.C. Designing security controls and risk management strategies to meet regulatory compliance standards.
Responsibilities
- Perform security reviews, identify gaps in security architecture, and develop a Security Assessment Plan and Security Assessment Report.
- Utilize the examine, interview, and test methodology to determine if control implementation meets Federal and Agency requirements.
- Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks.
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
- Provide weekly updates on assessment status.
- Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
- Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
- Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risks.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.
- Assess the effectiveness of security controls.
- Assess all the configuration management (change configuration/release management) processes.
Requirements
- Completed Bachelor’s degree from an accredited university, preferably in an IT related field.
- Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
- One or more of the following: CISSP, CISM, Security+, CISA, CAP, or equivalent industry recognized cybersecurity certification.
- At minimum 5+ years of hands-on work experience with Assessor (SCA) duties; performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise databases leading to successful security authorization of such systems.
- Knowledge of GRC tools e.g., Xacta
- Knowledge of the NIST Cybersecurity Framework
- Cloud and or engineering related certifications
Benefits
- paid parental leave
- flexible time off
- certification and training reimbursement
- digital mental health and wellbeing support memberships
- comprehensive insurance options
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cyber Security Software Developer at Airbus Defence and Space working on innovative projects in defense and aerospace. Responsible for developing and maintaining secure software systems against cyber threats.
Technicien SST responsible for implementing health and safety policies on - site at Airbus Protect. Ensuring compliance with safety regulations through audits and training while developing a safety culture.
Information Security Specialist defining and implementing Technology Controls and Information Security policies. Leading projects, assessing risks, and providing security solutions at TD.
Senior Manager Information Security leading team of Technology Controls experts at TD. Developing strategies and minimizing technology risks across organization while liaising with executives.
Senior Financial Consultant focusing on Workday Financials Record to Report after go - live, maximizing customer investments and ensuring compliance with accounting processes.
Regulatory Security Compliance Manager ensuring compliance with regulatory requirements in managing sensitive governmental projects. Involves collaboration with stakeholders and oversight of external audits.
Information Security Officer developing and maintaining cybersecurity frameworks at Husqvarna Group. Collaborating with global stakeholders to ensure clarity and compliance in security policies.
Senior Defensive Security Advisor tackling security threats at Desjardins by analyzing incidents and implementing mitigation strategies. Leading initiatives to strengthen the security posture of the organization.
Property management and safety analyst assisting with fire prevention and safety measures. Collaborating with stakeholders on building safety, lease management, and emergency plans.