Job Description
Overview System Tester/Assessor Remote SecuriGence is seeking a System Tester / Assessor to support the Health and Human Services Administration for the Community Living Enterprise IT Services Program. The System Tester / Assessor will be responsible for conducting comprehensive security assessments and system testing for the HHS ACL EITS program. This role ensures that all systems comply with federal security standards, function as expected, and are free from vulnerabilities or performance issues. The individual will work closely with the ISSO, Security Architect, and development teams to assess security controls, validate system functionality, and perform various types of testing, ensuring compliance with FISMA, NIST, and other applicable regulations. Responsibilities • Conducts scans and assessments to identify vulnerabilities in systems, networks, and applications. • Analyze findings to determine severity, potential impacts, and required remediation actions. • Perform penetration testing using simulated attacks to find weaknesses that an actual attacker might exploit. • Experience with security controls testing, threat modeling, and Cloud security. • Perform security assessments of information systems, ensuring compliance with FISMA, NIST 800-53, FedRAMP, and other federal standards. • Document and report security risks, weaknesses, and findings to the Information System Security Manager (ISSM). • Identify, document, and report any system bugs, vulnerabilities, or performance issues. • Use both automated and manual testing techniques to probe for vulnerabilities and document potential risks. • Work with the security and development teams to mitigate and remediate identified vulnerabilities. • Prepare and deliver comprehensive security assessment reports that highlight findings from audits, tests, and assessments. • Ensure testing procedures and assessments comply with NIST RMF, FISMA, and Section 508 standards. • Contribute to the development of System Security Plans (SSPs) by verifying and validating the security controls. • Other duties as assigned. Qualifications • Bachelor's degree in Cybersecurity, Information Technology, Software Testing, or additional experience in lieu of a degree. • 3+ years of experience in system testing and security assessments. • Experience working with federal security guidelines, such as FISMA, NIST RMF, and FedRAMP. • Background check with the ability to pass a Public Trust Background Investigation. Preferred Qualifications • Certified Ethical Hacker (CEH) • Certified Information Systems Security Professional (CISSP) • Certified Software Tester (CSTE) • ISTQB Knowledge, Skills, and Abilities • Proficiency with security testing tools such as Nessus, Burp Suite, Qualys, Metasploit, and other vulnerability assessment and penetration testing tools. • Experience with automated testing frameworks and tools. • Understanding of advanced persistent Threats and strategies for detection and prevention. • Strong understanding of software development lifecycle (SDLC), quality assurance principles, and security controls. Teleworking Permitted? Yes Teleworking Details 100% Remote Estimated Salary/Wage USD $103,400.00 / Yr. Up to USD $110,000.00 / Yr.