Cybersecurity Technical Auditor with Security Clearance

---

Job description

SAVA is looking for a Cybersecurity Technical Auditor to work at Aberdeen Proving Ground, TX. Serve as a Cybersecurity Technical Auditor on a major IT support contract for the Army Test and Evaluation Command (ATEC) at the Aberdeen Test Center (ATC). Responsibilities include: Performs Secure Code Review Uses HP Fortify to examine code scan results submitted by developers.
Identifies and verifies noted false positives.
Provides comments on scan results and vulnerabilities present, recommend POA&M mitigations. Conducts Software and Hardware Assessments Of installed software on isolated VM and assess software against 800-53 controls and AS&D STIG,
Uses Wireshark and Attack surface analyzer to assess software traffic and connections.
Assesses Hardware against named Security Technical Implementation Guides (STIGs) or Security Requirements Guides (SRGs).
Documents assessment results and potential mitigations.
Assists with assessment of subordinate locations against STIG, 800-53 controls, and Army regulations.
STIG checklist reviews for packages managed by the branch.
Provide auditing of technical controls within eMASS. Responsibilities Plans and implements security measures to protect computer systems, networks, and data from loss and service interruptions.
Analyzes and documents security risks, breaches, and other cyber security incidents and the damage they cause.
Oversees the monitoring of the computer networks for security issues.
Installs and operates security software and measures to protect systems and information infrastructure, including firewalls and data encryption programs.
May train staff on network and IT security procedures.
Handles complex issues and problems and refers only the most complex issues to higher-level staff.
Possesses comprehensive knowledge of subject matter.
Performs work under minimal supervision.
May act as a lead. Qualifications Active Secret security clearance
Bachelor's Degree in directly related field and at least 5 years of relevant experience; relevant work experience may be substituted for bachelor's degree.
Must hold one of following DOD 8570 baseline certifications:
CSSP-AU (CEH, CySA+ (formerly CSA+), CISA, GSNA, CFR, PenTest)
IAT III or IASAE (CASP+CE, CISSP (or Associate), CSSLP) Must possess DOD 8570 baseline certifications meeting the requirements for:
IAT Level II or IAM Level I
Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance.
Specialized experience in:
AS&D STIG compliance
Secure software development/testing
Static and dynamic code analysis
Software assurance, software assessments application threat modeling.
Performing software and hardware risk and vulnerability analysis or a closely related function, such as technical assessment of software for networks, applications and systems.
Using cybersecurity/IT audit tools such as ACAS, HP Fortify, HP Web Inspect, BURP Suite, or other software assurance tools. This Hybrid position requires applicants to be within 1.5 - 2 hours commute from Aberdeen Proving Ground, MD or FT Cavazos, TX for IT support.

<!– job description page –>