Security Controls Assessor
Company: Synergy ECP
Location: Simpsonville
Posted on: April 2, 2026
|
|
|
Job Description:
Company Information: Synergy ECP is a Service Disabled
Veteran-Owned Small Business SD(VOSB) that was formed in July 2007
with Headquarters in Columbia, MD and is made up of talented,
dedicated staff to provide a broad range of services to the
defense, intelligence and health care industries. In an
ultra-competitive environment, Synergy ECP has thrived by adhering
to our name, making sure excellence is displayed by our Employees,
to our Customers and by Improving Performance (ECP). It’s what sets
us apart, enabling us to be an autonomous yet agile business that
delivers huge results - showing we’re ready to meet our customers’
evolving demands. Synergy ECP has earned a client list that
includes numerous Fortune 100 companies, in addition to multiple
branches of the US government and military services. Synergy ECP is
an equal opportunity employer and considers qualified applicants
for employment without regard to race, color, creed, religion,
national origin, sex, sexual orientation, gender identity and
expression, age, disability, veteran status, or any other protected
class. Clearance Required: TS/SCI Other Requirements: U.S.
Citizenship Senior Security Controls Assessor (SCA): The primary
role of personnel in this position will be assessing the overall
security compliance of the client’s information systems. This will
be accomplished through actively analyzing security functions for
design weaknesses and technical flaws, determining system
vulnerabilities by performing vulnerability assessments, and
conducting on-site evaluations. A senior SCA should possess The
ability to think ‘out of the box’ Strong presentation, report
writing and customer interface skills Familiarity with various
operations systems such as Microsoft Windows 2000/2003, NT4, XP,
various versions of UNIX (AIX, Solaris, HPUX, etc), and Linux
Detailed knowledge of TCP/IP and other major protocols (i.e.
NetBEUI, NETBIOS, IPX/SPX) and the inherent weaknesses of the
protocols Understanding of ‘hacking’ methodology concerning
performing a vulnerability assessment The ability to describe a
system's avenues of compromise in a network environment and
differentiate between various types of network attacks An
understanding of a typical secure topology and architecture for a
site connected to the Internet (i.e. routers, firewalls, web
servers) Understanding of how to read and interpret a network
diagram and identify possible security related concerns The ability
to keep a robust security skill set current and to work on multiple
projects concurrently FUNCTIONS: Conducts verification and
validation for security compliance of all information systems,
products, and components Analyzes design specifications, design
documentation, configuration practices and procedures, and
operational practices and procedures Provides identification of
non-compliance of security requirements and possible mitigations to
requirements that are not in compliance Conducts on-site
evaluations Validates the security requirements of the information
system Verifies and validates that the system meets the security
requirements Provides vulnerability assessment of the system
Coordinates penetration testing Provides a comprehensive
verification and validation report (certification report) for the
information system Provides process improvement recommendations
Assists the Government to draft standards and guidelines for usage
POSITION REQUIREMENTS: Twelve years of related work experience A
Bachelor’s Degree in Computer Science or IT Engineering may be
substituted for four years of experience Experience in security or
system engineering in five or more areas, including:
telecommunications concepts, operating systems, databases/DBMS,
middleware, applications, web-servers, SANS/Netaps, Active
Directory, firewalls, and controlled interfaces DoD 8570-1M Change
2 certification
Keywords: Synergy ECP, Bethesda , Security Controls Assessor, IT / Software / Systems , Simpsonville, Maryland
