1 week ago
Job type: Full-time
Hiring from: USA Only
Category: Finance / Legal
Aptive has an exciting opportunity for a Risk Assessor who loves working on a project as it develops from concept to completion. The ideal candidate should be proactive, curious, and dedicated to our clients, their customers, our employees, willing to provide exceptional customer service.
This full-time position is in Fairfax, VA, Baltimore, MD, or Remote. Please note until COVID-19 social distancing restrictions are lifted, this position will be fully remote.
- 5+ years' experience minimum
- Legal authorization to work in the U.S.
- Ability to obtain and maintain a Public Trust Clearance
- While the other assessor roles on the Security Assessment team perform technical testing and generate risk information, the Risk Assessor focuses exclusively on analyzing existing Risk Information Sources (RIS) (regardless of generation source). Put another way, the other assessor roles generate a RIS that is (potentially) used by the Risk Assessor (possibly along with other RIS) to determine the risk posture of the system being assessed
- The Risk Assessor typically works independently of and after the Security Assessment team. The Risk Assessor is not typically a part of the Security Assessment team but may interact with them to better understand their findings and their context
- Before identifying the risks to the system, the Risk Assessor first familiarizes themselves with the system by reviewing the system's SSP, ISRA, PIA, and any existing ACT RARs. The purpose of this review is to understand the purpose, design, implementation, and environment of the system; its development roadmap; and the already-identified risks to the security and privacy of the system
- The Risk Assessor reviews and analyzes the data from all available RIS (including the Findings and output from ongoing ACT Security Assessments). Available RIS might include ACT Security Assessments that are being conducted concurrently or that were conducted in the past; other available RIS might include sources such as penetration testing performed by the CMS Cybersecurity Integration Center (CCIC), DHS Cyber Hygiene, etc.
- The Risk Assessor works with ISPG and/or the appropriate Security Assessment Lead or Risk Assessment Lead to determine which Risk Information Sources should be considered for each Assessment
- The Risk Assessor documents the identified Risks and analysis in the current version of the ACT Risk Assessment Report Template
- 7+ years' experience preferred
- Bachelor's degree/Master's degree preferred
Aptive is a modern federal consulting firm focused on human experience, digital services and business transformation. Our employees receive competitive compensation, along with company-paid health care and short-term disability plans. We also offer a 401K plan with company match, paid time off, flexible savings accounts, commuter benefits and company-sponsored professional education opportunities.
Our work inspires people, fuels change and makes an impact. Join our team to be part of positive change in your community and our nation.
EQUAL OPPORTUNITY EMPLOYER.
Aptive is an equal opportunity employer. We consider all qualified applicants for employment without regard to race, color, national origin, religion, creed, sex, sexual orientation, gender identity, marital status, parental status, veteran status, age, disability or any other protected class.
Veterans, members of the Reserve and National Guard, and transitioning active-duty service members are highly encouraged to apply.
Before you apply, please check if any restrictions apply in terms of time zone or country.
This job has a geo-restriction in place: USA Only.
Please mention that you come from Remotive when applying for this job.
Does this job need an edit? 🙈