Aveshka is looking for Cyber Risk Assessor to provide support to the Pentagon to include normal business hours and after business hours support.
General Functional Responsibility
Review, analyze, and provide guidance for Information Assurance Vulnerability Management compliance scans on networks & computing devices.
Evaluate Regional Computer Emergency Response Team-Continental US (RCERT-CONUS) and Army Computer Emergency Response Team (ACERT) alerts and provide local assessments of vulnerability to IAM and local DOIM management.
Interpret and apply Defense Information Systems Agency (DISA) Security Template Implementation Guide (STIG).
Provide map and gap of sites from DIACAP to RMF and uploading into eMASS.
Provide technical, administrative direction, and review for Information Assurance (IA) and Security controls in eMASS as it pertains to RMF for MTFs throughout the region and for Systems.
Identify industry accepted standards, IT standards for validated data, access control, roles definition, authentication methods and apply to existing systems.
Review and assess existing networks and systems to identify and understand vulnerabilities in order to create a POAM or work with the technical team to mitigate the vulnerability. Assess the system or network to ensure that it has been STIGd appropriately to operate on the DoD or Army network according to Army and DoD Cyber Security Standards
Desired Education and Certifications
CAP, GSLC, or Security + (IAM-I)
GSEC, Security+, SSCP or CCNA-security Certification (IAT-II)
Knowledge of EMASS.
Knowledge of ForeScout
Knowledge of IAVM Reporting
Knowledge of Operation Order (OPORD) Evaluation and Implementation
Knowledge of Assured Compliance Assessment Solution (ACAS)
Knowledge of Security Content Automation Protocol (SCAP)