Cybersecurity Assessor

  • BCT Partners
  • Washington, D.C. or Remote
  • Jun 03, 2021
Full time | Information Security | Information Systems | Network | Network Engineer | Technical Support

Job Description

Position Summary: The Cyber Security Assessor conducts assessments of the security controls and control enhancements employed within or inherited by the client’s system, determining the overall effectiveness of the controls. This role implements, monitors, supports, and hardens cloud infrastructure and environments, and works with client leadership to help architect and design a secure architecture, identify and solve scale challenges, and navigate migration to cloud technologies with security in mind.
 Key Responsibilities[1]:

  • Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks. Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, network, or third-party vendor. 
  • Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations. 
  • Develop security compliance processes and/or audits for external services (e.g., third-party vendors, cloud service providers).
  • Perform security reviews, identify gaps in security architecture and develop a security risk management plan. 
  • Perform risk analysis (i.e., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. 
  • Implement risk management programs utilizing NIST and FISMA compliance frameworks. 
  • Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risks. 
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. 
  • Proactively and collaboratively partner with the CISO to ensure risks are identified, managed and/or mitigated to reduce organizational risks. 
  • Contribute to ATO documentation. 
  • Contribute to other Information Risk and Assurance programs and functions as needed. 
  • Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required. 
  • Identify opportunities to improve processes and services of risk management. 
  • Be mindful and responsive to challenges that may surface with legacy applications.

 Experience, Knowledge, Skills & Abilities:

  • 3-5 years’ professional experience in information security, including supporting security documentation and ATOs; information security and DevOps team experience (ideally working in a matrixed team environment)
  • In-depth knowledge and experience of next-gen technical architectures, cloud infrastructures, networking infrastructures, evolving business practices, development practices, finding innovative ways to enable secure business practices and strong risk management skills 
  • Zero-trust architecture and identity management experience required, Google Cloud and Azure experience desired
  • Advanced understanding of policy and compliance for FISMA, NIST SP 800-53 Rev. 5 and Security Controls
  • Ability to examine, interpret, document and evaluate security strategies and defenses to determine security and business impacts
  • Experience inheriting FedRAMP controls
  • Incident response documentation process proficiency 
  • Familiarity with risk management, cyber threat hunting, and vulnerability management
  • Understanding of DHS CDM as well as microservices, APIs, and third-party identity management
  • Able to effectively evaluate third-party tools
  • Knowledge to proactively make informed decisions and recommendations
  • Understanding and experience with WCAG standards as well as DOD STIG 
  • Strong oral and written communication skills with attention to detail; ensure documentation meets compliance, technical and quality standards, and supports project objectives; familiar with the Plain Writing Act and writing to an audience; able to diagram and illustrate workflows
  • Respectful demeanor and interpersonal skills; ability to work independently and as part of a collaborative team in virtual and in-person environments
  • Strong organizational, administrative and project coordination skills, ability to effectively manage multiple priorities, exercise sound judgment, ask questions and be open to the input and decisions of others   


BCT Partners is on a mission: To provide insights about diverse people that lead to equity.
We offer a full range of services including consulting, research, training, technology, and analytics services in order to deliver results that improve lives. Inequities in society, including unconscious bias, can exist on many levels — structurally, systematically and even randomly within organizations, institutions, and programs that are intended to benefit society. As a minority owned consulting practice, we have a unique perspective on these disparities and are able to leverage our deep expertise to help drive organizations towards solutions such as conscious inclusion, that close those gaps.
BCT possesses a solid understanding of the sectors where diverse people work, live, and play — healthcare, children & families, housing & community development, economic development, workforce development, and diversity, equity & inclusion. We combine our subject matter expertise with precision analytics and technology to help inform decision-making, gauge progress, measure impact and drive successful outcomes. Our ultimate goal is to eliminate disparities in order to create a more equitable society.
We invite and welcome to our team people who share our values and goals; those with a passion for making the world a better place, who see strength in our diversity, seek equal opportunity access for all communities and are motivated to create a more equitable and just society.  We appreciate the knowledge, abilities, and ideas of each individual and embrace his/her/their positive contributions to our collaborative and dynamic work environment.

Our Clients
This position supports several BCT clients.  A majority of the work will be with the U.S. Department of Health and Human Services (HHS) Administration for Community Living (ACL) Office of Information Resources Management (OIRM).  The mission of HHS ACL is to maximize the independence, well-being, and health of older adults, people with disabilities across the lifespan, and their families and caregivers. ACL’s Office of Information Resources Management (OIRM), located within the Center for Management and Budget (CMB), works with ACL’s program centers to provide and transform information technology services in support of programs serving older Americans and Americans with disabilities. 

This Project
ACL’s goal is to identify, develop, operate and secure a portfolio of new and existing systems that better support the needs of its program, increase system security, and/or reduce the cost for system development and operations.  These technology solutions must comply with a complex set of laws and regulations, as well as user and reporting requirements, and must be sustainable and easily adaptable as program and compliance requirements evolve.
OIRM operates across four segments, all reporting to the ACL Chief Information Officer:  1) IT Portfolio Management (ITPM), 2) Enterprise Digital Strategies & Solutions (EDSS), 3) Policy, and 4) Administrative Support. These segments are cohesive and must work in concert to achieve effective results.   OIRM has contracted with BCT Partners to provide support to EDSS.   

  [1] Job descriptions serve to provide guidance and information regarding position responsibilities and job expectations. BCT Partners reserves the right, where permitted by law, to modify position responsibilities, sometimes without notice or written updates to the job description documents. BCT Partners is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, military and/or veteran status, or any other Federal or State legally protected class. BCT Partners will not discriminate against persons because of their disability, including disabled veterans, and will make reasonable accommodations for known physical or mental limitations of qualified employees and applicants with disabilities. If you are interested in applying and require special assistance or accommodations due to a disability, please contact our Human Resources department at careers@bctpartners.com. We appreciate the diversity of our communities and invite all who are interested to apply.

For more information regarding BCT Partners' commitment to equal employment opportunity and affirmative action, please visit www.bctpartners.com/eeoaa