Sr. FISMA Security Assessor in Milford Mill, MD at Volt

Date Posted: 10/18/2018

Job Snapshot

Job Description


Job Summary:

Volt seeks seasoned NIST A&A Assessors to jump in and join our Clients assessment team that is responsible for assuring the implementation of the Centers of Medicare & Medicaid Services (CMS) security controls for all systems.

Job duties/responsibilities:

  • Assess security controls for various systems.
  • Assist in process improvement and automation for the assessment methodology.
  • Document control reviews and findings on time and as they occur according to client requirements.
  • Conduct technical evaluation of information system design, focusing on information security aspects and accreditation according to the NIST Risk Management Framework.
  • Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches.
  • Conduct evaluations of information system components, management, and design, focusing on information security aspects and accreditation according to the NIST Risk Management Framework.
  • Review program documentation such as Risk Assessments, Security Plans, and Contingency Plans.
  • Conduct ongoing assessments of contractor facilities as needed to ensure compliance with security requirements tailoring requirements, as needed.
  • Other support tasks, as needed.

Minimum Qualifications:

  • 5+ years of experience with the NIST RMF, a degree can be substituted for some years of experience.
  • Understanding of the operation of relational and noSQL data base systems (Oracle, My SQL, MapReduce, etc.).
  • Understanding of PaaS, IaaS, SaaS (AWS, Azure, Salesforce).
  • Knowledge of FedRAMP inheritance.
  • Experience in Unix/Linux, Windows systems.
  • Understanding of network-based protection systems.
  • Understanding of information management and protection systems (AV, Patch management, etc.).
  • Understanding of system privacy controls.
  • CISSP, HCISPP, CISA, or equivalent certifications.
  • Understanding of System Security design (3-zone, partitioning, etc.).
  • Understanding of application development methods (Dev/Ops specifically).
  • Understanding of systems hardening methods and standards (GPOs, STIGS, etc.).
  • Candidate must be a great communicator (both written and verbal) and be able to work with a group as well as independently.
  • Must be available/able to travel up to 25%.
  • Report writing experience.
  • Experience with program security and information systems security best practices.
  • Ideal candidate will be self-motivated, a team player, organized, and detail oriented.

Desired Qualifications:

  • Experience in Federal security certification and accreditation.
  • Understanding of NIST 800-53 policies and implementation.
  • Experience with HIPAA and the Centers for Medicare and Medicaid Services (CMS).
  • Familiarity with applicable HHS and CMS policies, procedures and operating instructions related to program security, information assurance and information management.

This is a contingent/temporary position offered through Volt Workforce Solutions. Volt offers competitive compensation, the chance to work with some of the world’s leading companies, and a staff committed to helping you take the next step on your career path. 

To learn more about Volt, please visit: and to see more of our job postings, please visit:

Volt is an Equal Opportunity Employer.