Get new similar jobs by email for
Information Security Assessor
Knowledge Consulting Group (KCG) is one of the largest privately held cybersecurity services firms in the United States; serving as a Federal Government Contractor and supporting Commercial customers. We operate as a trusted cyber advisor to our customers across the country. We take great pride in maintaining a single focus on being the leader in cybersecurity services, providing risk management, governance, operations, and compliance services, utilizing our CISO framework methodology. We are uniquely positioned as a trusted cyber advisor with over 90 percent of our cyber professionals holding security clearances and security-specific certifications. With over 12 years of experience in providing cybersecurity services to our customers, we have a strong record of past performance in advising and executing cyber missions for all types of organizations and sectors.
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable; Public Trust, SECRET, or TOP SECRET desirable.
The Information Security Assessor will be a key team member of a security assessment team that will conduct monthly on-site IT security assessments for a federal government client. Responsibilities include:
Conducting interviews with key client stakeholders to evaluate the current information security practices
Evaluate management, operational, and technical security policies and procedures
Reviewing security policy and procedural documentation
Reviewing network architecture diagrams and evaluating network access controls
Reviewing system configuration data to identify security weaknesses
Developing recommendations for security issues and vulnerabilities identified during assessments
Communicating results to clients ranging from technical staff to executive management
Developing tools to increase the level of automation for security assessment and reporting methodologies
Provide ongoing subject matter expert support for clients
Conduct approximately 12-18 assessments each year across the United States
-8 or more years’ experience in analyzing security controls and developing solutions to security problems
-5 or more years’ experience working with NIST IT security guidance
- Bachelor’s degree in an IT related field or equivalent education or work experience
-Excellent communications and oral presentation skills
-Experience performing security assessments and compliance assessments with NIST, PCI DSS, ISO 27001/27002, or other security control frameworks
-CISSP or CISA certifications highly desired, but not required
-Experience conducting interviews with client teams ranging from technical IT staff to senior executives
-Experience performing assessments of information security policies and procedures
-Experience evaluating the following IT security disciplines: continuity planning, contingency planning, disaster recovery planning, incident response, personnel security, access management, security awareness training
Strong verbal and written communication skills are highly preferred. It is highly desired that candidates possess strong interpersonal skills. Candidates must be fluent in the English language.
Candidates may be asked to provide a writing sample.
Knowledge Consulting Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, disability status, sexual orientation or gender identity.
If interested in the position, please apply directly through our website:
If you have questions or have trouble applying, you may contact: firstname.lastname@example.org.