Ashburn Consulting, a Small Business based in the Washington, DC metropolitan area, specializes in providing network and network security solutions in complex environments to a select set of government and business clients. The company, an established leader in its field, is composed of an elite team of engineers and business consultants, each of whom is recognized —and highly regarded—within the network and security communities. 

Ashburn Consulting seeks a motivated security professional responsible for leading efforts in policy and risk analysis, audit, and compliance with relevant regulatory standards.   The successful candidate will be responsible for reviewing, updating, auditing and finalizing security policies, procedures, standards, and mechanisms to support client security compliance, systems accreditation, and management.  Integral to this role, the candidate must be able to analyze and determine the level and severity of risks and threats and the potential impact of identified vulnerabilities and misconfigurations present within client networks, systems, and applications.  The ability to serve as a technical lead to client security analysts is essential to the role.  The ability to work with client stakeholders, both within and external to IT staff, to identify security gaps and present risk and vulnerability analyses and data, along with recommendations to secure relevant client systems or applications is required.  Additional responsibilities and tasks may include the ability to assist with security infrastructure configuration and troubleshooting, as needed.

-Five or more years of experience in an Information Security analyst or engineering role

-Five or more years of experience with analyzing and applying information assurance (IA) frameworks, policies and procedures, including access control, incident response, contingency planning, and configuration or change management

-Five or more years of experience with operating and/or analyzing the results of vulnerability or configuration scans using commonly software tools

-Experience with and/or relevant knowledge of cloud security principles and mechanisms

-Excellent oral and written communication skills

-BA or BS degree preferred

-Experience with commonly used risk assessment, vulnerability scanning, and security forensics tools and utilities

-Experience with network security technologies such as next generation firewalls, network virtualization, mail security gateways, endpoint security management systems, and network access control systems is strongly preferred

-CISSP, Security+, CISA, CEH or similar security certification preferred, but not required

-Must be able to lift and carry up to 65 pounds and maneuver in confined spaces

-Must have a valid driver’s license

Equal Opportunity Employer/Veterans/Disabled. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status