Role Description
SecuriGence is seeking a System Tester / Assessor to support the Health and Human Services Administration for the Community Living Enterprise IT Services Program. The System Tester / Assessor will be responsible for conducting comprehensive security assessments and system testing for the HHS ACL EITS program. This role ensures that all systems comply with federal security standards, function as expected, and are free from vulnerabilities or performance issues. The individual will work closely with the ISSO, Security Architect, and development teams to assess security controls, validate system functionality, and perform various types of testing, ensuring compliance with FISMA, NIST, and other applicable regulations.
- Conduct scans and assessments to identify vulnerabilities in systems, networks, and applications.
- Analyze findings to determine severity, potential impacts, and required remediation actions.
- Perform penetration testing using simulated attacks to find weaknesses that an actual attacker might exploit.
- Experience with security controls testing, threat modeling, and cloud security.
- Perform security assessments of information systems, ensuring compliance with FISMA, NIST 800-53, FedRAMP, and other federal standards.
- Document and report security risks, weaknesses, and findings to the Information System Security Manager (ISSM).
- Identify, document, and report any system bugs, vulnerabilities, or performance issues.
- Use both automated and manual testing techniques to probe for vulnerabilities and document potential risks.
- Work with the security and development teams to mitigate and remediate identified vulnerabilities.
- Prepare and deliver comprehensive security assessment reports that highlight findings from audits, tests, and assessments.
- Ensure testing procedures and assessments comply with NIST RMF, FISMA, and Section 508 standards.
- Contribute to the development of System Security Plans (SSPs) by verifying and validating the security controls.
- Other duties as assigned.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Software Testing, or additional experience in lieu of a degree.
- 3+ years of experience in system testing and security assessments.
- Experience working with federal security guidelines, such as FISMA, NIST RMF, and FedRAMP.
- Background check with the ability to pass a Public Trust Background Investigation.
- Preferred Certifications: Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Software Tester (CSTE), ISTQB.
Requirements
- Proficiency with security testing tools such as Nessus, Burp Suite, Qualys, Metasploit, and other vulnerability assessment and penetration testing tools.
- Experience with automated testing frameworks and tools.
- Understanding of advanced persistent threats and strategies for detection and prevention.
- Strong understanding of software development lifecycle (SDLC), quality assurance principles, and security controls.
Benefits
- Opportunities for professional development and skill sharpening.
- Supportive culture that encourages team members to excel.
- Well-being programs and flexibility to maintain a healthy work-life balance.
- Focus on corporate citizenship and positive social impact in communities.