ASM Research, An Accenture Federal Services Company
Security Auditor
ASM Research, An Accenture Federal Services Company, Juneau, Alaska, US, 99812
The Security Auditor, serving as Compliance Lead, is responsible for performing independent assessments of management, operational, and technical security controls in the CASTLE-NET IT environment. This role conducts security reviews and risk analyses to identify weaknesses in security architecture, recommends mitigation measures, monitors and evaluates systems for compliance with IT security requirements, and ensures resilience and dependability standards are maintained across the infrastructure.
Key Responsibilities
Conduct independent security assessments of management, operational, and technical controls
Perform comprehensive security reviews and risk analyses across IT systems and infrastructure
Identify security weaknesses and gaps in security architecture and controls
Recommend evidence-based mitigation measures and control enhancements
Monitor IT systems and infrastructure to ensure compliance with security requirements and standards
Utilize vulnerability assessment tools to identify system weaknesses and attack vectors
Conduct security testing including penetration testing and configuration compliance checks
Evaluate system resilience, dependability, and recovery capabilities
Document security assessment findings in comprehensive reports with risk ratings
Verify implementation of corrective actions and remediation measures
Provide expert guidance on security control selection and implementation
Maintain current knowledge of security frameworks, standards, and best practices
Required Qualifications
Bachelor's degree in IT, Computer Science, or related field (or equivalent work experience)
8+ years of relevant experience as a Security Control Assessor, Security Auditor, or related role
Excellent understanding of cybersecurity principles, risk management frameworks, and IT security methodologies
Expert knowledge of vulnerability assessment tools and security testing methodologies
Strong problem-solving, analytical, communication, and interpersonal skills
Ability to manage multiple security assessments effectively and collaboratively
Experience developing detailed security assessment reports with risk analysis and recommendations
Preferred Qualifications
CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certification
Certified Authorization Professional (CAP) certification from (ISC)²
Familiarity with USACE IT environment and federal security standards
Knowledge of NIST SP 800-53 security controls and assessment frameworks
Experience with security assessment tools (Qualys, Tenable, OpenVAS)
Background in federal IT security compliance and accreditation processes
Experience with continuous monitoring and security control assessment methodologies
Required Skills
Security Assessment & Control Testing
Vulnerability Assessment & Analysis
Risk Analysis & Reporting
Cybersecurity Frameworks & Standards
Security Architecture Review
Preferred Skills
Penetration Testing & Ethical Hacking
NIST SP 800-53 Controls Knowledge
Compliance Risk Management
Security Assessment Tools (Qualys, Tenable)
Federal Security Standards (FISMA, FedRAMP)
Compensation Ranges
Compensation ranges for ASM Research positions vary depending on multiple factors, including but not limited to location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
$122,900 - 154,500
Physical Requirements
The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties" or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.