
TestPros, Inc.
Remote Jobs
Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
24 Jobs
SOC 2 Assessor – Part time
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Test and evaluate the operating effectiveness of internal controls against the relevant AICPA Trust Services Criteria (TSC), including: Security, Availability, Processing Integrity, Confidentiality, Privacy. • Conduct Gap analysis and readiness assessments to identify and document gaps in the organization's existing controls. • Gather and organize sufficient and appropriate evidence to support the findings. • Compile the results of the audit into a detailed SOC 2 Type 2 report. • Provide recommendations and guidance on remediation and best practices for improving security posture. • Produce and review key performance indicators for implemented security measures and distribute KPIs. • Maintain knowledge of threat landscape by monitoring threat intelligence and other related sources.
ISO 27001 SME, Part Time
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Lead the design, implementation, and maintenance of the ISMS in compliance with ISO 27001 standards. • Conduct risk assessments and develop risk treatment plans to mitigate information security risks. • Coordinate and conduct internal audits to ensure ongoing compliance with ISO 27001 and prepare the organization for external audits. • Develop and deliver training programs to raise awareness of information security policies and procedures across the organization. • Work closely with cross-functional teams to ensure information security is integrated into all business processes and projects. • Maintain up-to-date documentation of the ISMS, including policies, procedures, and audit records. • Monitor and report on the performance of the ISMS, including metrics and key performance indicators (KPIs). • Stay current with the latest developments in information security and ISO 27001 standards to ensure continuous improvement of the ISMS. • Provide expert guidance and support to the organization on all matters related to ISO 27001 and information security. • Collaborate with external auditors and regulatory bodies as needed.
Lead CCA Certified Professionals
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Assess Organizational Readiness: Evaluate current cybersecurity practices and gaps in relation to the three CMMC 2.0 levels (Foundational, Advanced, Expert) • CMMC Certification Guidance: Provide expert advice on the steps required to achieve and maintain certifications for Levels 1, 2, 3 and 4, including guidance on self-assessments, third-party certifications, and government-led assessments • Compliance Strategy: Develop a comprehensive roadmap for achieving CMMC compliance, including identifying necessary controls and policies, implementing NIST SP 800-171/800-172 requirements, and addressing Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) security • Subcontractor Oversight: Assist prime contractors in ensuring that subcontractors meet CMMC certification requirements, implementing a robust supply chain compliance management system • Incident Reporting & Continuous Compliance: Provide guidance on establishing continuous monitoring and compliance processes, including the rapid reporting of security incidents (72-hour notification) and annual affirmations of compliance • Training & Awareness: Conduct training sessions for internal teams and contractors to understand the CMMC requirements and how to implement appropriate cybersecurity controls
Document Remediation Specialist, Part Time
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Remediate digital documents of varying complexity. • Ensure compliance with WCAG 2.1 AA, Section 508, and PDF/UA accessibility standards • Remediate multiple file types, including: Microsoft Word, Excel, PowerPoint, Google Docs, Sheets, Slides, Scanned and non-scanned PDFs • Conduct quality assurance reviews to validate accuracy and accessibility • Collaborate with team members to support efficient, user-friendly submission and workflow processes • Meet turnaround timelines for both simple and complex file types
FedRAMP Subject Matter Expert
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Advise clients on FedRAMP requirements and compliance strategies. • Conduct gap assessments and develop remediation plans. • Assist in implementing security controls per FedRAMP and NIST SP 800-53 standards. • Help clients develop and refine required documentation (SSP, Policies, Procedures). • Prepare clients for 3PAO assessments with mock audits and readiness reviews. • Provide recommendations for security controls in cloud environments. • Ensure technical solutions align with security policies and standards. • Participate in pre-sales calls with potential clients. • Provide technical expertise and collaborate with account managers on proposals. • Work with account managers to ensure client satisfaction and successful project outcomes. • Manage project plans, ensuring timely completion of milestones and deliverables.
Senior Independent Verification and Validation Specialists
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
Role Description TestPros is seeking Senior Independent Verification and Validation (IV&V) Specialists. Start: Future projects late 2026 or 2027 (not an immediate job opening) Type: Consulting Responsibilities and Duties - Ability to gather, interpret, and apply leading industry and Government practice to support review of operations. - Participate in review and assessment throughout the PMO with primary focus on the following areas: - Communications Management - Configuration Management - Integration Management - Data Oversight and Planning - Cutover Management - Testing and Validation - Correctly interpret and consistently follow the Program’s defined policies, processes, and procedures. - Identify and document requirements based upon customer specifications. - Develop automated and manual procedures based upon derived requirements. - Develop technical documentation detailing: - Test requirements - Test design parameters - Test procedures - Test plans - Test result logs - Test reports - Defect reports - Ensure documentation is well written, accurate, complete, and thorough. - Communicate effectively in written and verbal form. - Provide input to scheduling of test-related activities. - Ensure the maintenance of test assets and documentation. Qualifications - Minimum 4 years’ experience performing Independent Verification and Validation (IV&V) with state or federal clients, or equivalent. - Minimum 4 years’ experience as a primary Project Manager managing complex IT projects. - Knowledge of and familiarity with IV&V requirements and with industry standards for IEEE, CMMI and PMBOK. - Superb oral and written communication skills, organizational, interpersonal, and analytic capabilities. - Team player who effectively works well with clients and colleagues at all levels. - Technical writing samples will be required. Requirements - Experience with Agile methodology is preferred. - Current Project Management Professional (PMP) certification strongly preferred. Benefits - Rate: $60-90/hr (1099 or Corp. To Corp.). This range represents a good-faith estimate and is not a guarantee; final compensation is determined by factors such as experience, qualifications, and government contract labor rate requirements and may fall outside the stated range. Equal Opportunity Employer TestPros is an equal-opportunity employer and does not discriminate in employment based on race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or any other non-merit factor. Offer Considerations TestPros considers several factors when extending an offer, including but not limited to, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, geographic location, education, and certifications. Federal Compliance As a federal contractor, TestPros is subject to all federal and state mandates and/or other customer requirements.
HIPAA Compliance Assessor/Consultant
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Identify Electronic Protected Health Information (ePHI): Locate all systems holding sensitive data • Identify Threats and Vulnerabilities: Determine potential, reasonably anticipated threats • Assess Security Measures: Evaluate current safeguards • Determine Likelihood and Impact: Evaluate the probability and impact of potential breaches • Document and Prioritize Findings: Create the formal report and risk mitigation plan
Privacy Compliance Consultant – Children’s Data Compliance
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Conduct independent privacy assessments of digital systems (web/mobile) • Review how user data is collected, used, stored, and shared • Perform privacy reviews (PIA/DPIA) and document findings • Analyze data flows and data handling practices • Evaluate consent mechanisms, age verification, and data minimization practices • Identify privacy risks and compliance gaps • Provide clear audit-style reports with recommendations
Penetration Tester, Part Time
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Conduct complete penetration tests, report on results, and provide improvement recommendations • Ensure customer satisfaction through the delivery of high-quality consulting services across a portfolio of commercial and federal government projects • Ability to elicit and understand customer requirements and convert those requirements into a technical services solution • Ability to accurately estimate time and cost for each project • Foster an environment of continuous learning, innovation and excellence • Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks • Develop, review and approve formal statements of work, change requests, and proposals • Formulate timely reports and documentation to track progress • Effectively collaborate with peers and company leadership to accomplish team, corporate and client objectives • Answer developer, designer, and content contributor questions about IT Security requirements.
Security Controls Assessor
TestPros, Inc.Independent IT Assessment and Managed Services for Cybersecurity, DFARS, CMMC, Accessibility, Test Automation, and More.
• Develop NIST 800-53 Rev5 based System Security Plan (SSP) • Create/Update the applicable documents identified by NIST 800-53 Rev 5, specifically the Security Assessment Report (SAR) • Create/Update the associated Plan of Actions and Milestones (POA&M) • Provide detailed security-related reports including data, analyses, and conclusions upon completion of tests, scans, and assessments, including mitigations and, if indicated, appropriate escalation of identified risks and vulnerabilities • Verify and document the implementation of security controls necessary to achieve compliance • Keep management apprised of impending areas of concern, verbally and in writing • Review and develop System Security Plans (SSPs), Plans of Actions and Milestones (PO&Ms), and as well as other necessary artifacts • Facilitate the Plan of Actions and Milestones (POA&M) program to ensure customer systems have accurately and fully provided information for POA&M activities to include valid remediation of findings • Develop various policy documents (SOPs/CONOPs) as required • This may include policies regarding Configuration Management, IS Sanitization, Media Security, Password Policy, Business Continuity, Continuity of Operations, Incident Response, Disaster Recover, and Security Assessments • Develop new, and mature existing information security and risk policies • Initiate, and lead on-going information security maturity assessment processes and training, using industry accepted frameworks and implement into the overall cyber security posture • Produce and review key performance indicators for implemented security measures and distribute KPIs • Maintain knowledge of threat landscape by monitoring threat intelligence, and other related sources
14more opportunities are still waiting for you.Log in now and take your next shot before someone else does.