IT Security Compliance Assessor
Karsun Solutions - We are Enterprise Modernization Experts!
Our portfolio of long-term contracts helps transform business enterprises.
Our Innovation Center provides freedom to explore and experiment.
Our culture is based on true work-life balance and opportunities to learn.
Karsun is a premier consulting services company with a reputation for innovation. We provide Enterprise Modernization services to both civilian and defense Federal agencies. Our company is recognized as one of the fastest-growing private companies in the U.S., as well as one of the most promising Government Consulting Solutions Providers. Karsun is an ISO 9001:2008 certified organization.
The Security Compliance Assessor will generate POA&M(s) and/or POA&M tables for issues that arise outside of the normal security assessment process, i.e., DHS OIG audits, etc. Security Compliance uses both manual and technical tools to assess computer systems’ security posture, and conducts quality reviews of required artifacts, i.e., Security Plans, Contingency Plan, Contingency Plan Test, e-Authentication workbook, FIPS 199 workbook, etc. The team supports the customer in developing processes and procedures in support of Security Compliance and Risk Management for systems, in addition to drafting policies and procedures when needed.
- In depth experience with security risk assessments using the NIST Framework
- Experience in several of the following areas is required: understanding of IT security practices and procedures; knowledge of current security tools available; different communication protocols; encryption techniques/tools; secure system architecture, system engineering, system administration, configuration management, or agile application development experience; familiarity with commercial products, and current Internet/EC technology.
- Experience reviewing and updating/editing security artifacts (i.e., Security Plans, Contingency Plan, Contingency Plan Test, e-Authentication workbook, FIPS 199 workbook, etc.)
- Experience validating artifacts submitted for POAM closure
- Compliance automation experience
- CISSP or other security related certification
- Current DHS/USCIS EOD
- Familiarity with a number of the following IT Security Technologies: Nessus, Security Center 5, Webinspect, DB Protect, Fortify, Appscan, Nipper, Burp Suite Pro, WebSphere, ActiveState Perl, Aquafold, SoapUI Pro, Ultraedit, SNSScan, SolarWinds Engineer’s Toolset, Fortify, RSA Archer, Swimlane, XACTA Continuum
Qualifications (Education / Experience)
- Bachelor's degree in a related field or equivalent and/or at least 8-15 years of related experience
- Must be a US Citizen and be able to obtain/maintain a Public Trust Clearance
Karsun Solutions is an Equal Employment Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.