Information Assurance Security Specialist (Control Assessor)

Computer World Services · San Antonio, TX
6d · Hybrid

About The Position

Supports DHA cybersecurity compliance by assessing security controls, validating evidence, and maintaining authorization artifacts for DDSB systems. This role focuses on Risk Management Framework (RMF) support, audit readiness, and defensible documentation.

Requirements

  • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Data Science, Engineering, Mathematics, or a closely related discipline, or equivalent practical experience (as permitted by the contract).
  • Minimum 4 years of relevant experience supporting enterprise IT environments, with demonstrated work aligned to Information Assurance.
  • At least one: CGRC/CAP, CASP+, Cloud+, PenTest+, Security+, or GSEC.
  • Must be able to obtain and maintain Public Trust suitability and all required system access (e.g., CAC-enabled accounts) to perform duties.
  • This position is aligned to applicable DoD Manual 8140.03 work role 612 (NIST: SP-RM-002); contractor personnel must meet DoD 8570.01-M baseline certification requirements and transition to DoD Manual 8140.03 work role requirements, including required training, knowledge, skills, abilities, and tasks, within Government-directed timelines.

Nice To Haves

  • Alternate/equivalent certifications may be accepted with Government approval.
  • Preferred/Work-center dependent: Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate.

Responsibilities

  • Assess and validate implementation of security controls using applicable RMF requirements, CNSSI 1253 control sets, assessment procedures from NIST SP 800-53A with DoD-specific assignment values, overlays, and implementation guidance.
  • Plan, execute, and document security control assessments, including interviews, artifact/evidence review, and test result validation supporting authorization decisions and risk acceptance determinations.
  • Track and report status of major deliverables, including Risk Assessments, Risk Acceptance, accreditation & authorization efforts (A&A), Control Correlation Identifier (CCI) completion, and Plans of Action and Milestones.
  • Recommend corrective actions and process improvements; maintain accuracy and timeliness of assessment inputs to eMASS (Enterprise Mission Assurance Support Services) and other accreditation requirements.
  • Validate evidence of authorization in required security documentation (e.g., System Security Plan, Security Assessment Report, POA&M (Plan of Actions & Milestones), authorization decision documentation) and support audit readiness for FISMA (Federal Information Security Modernization Act) security control testing.
  • Review and evaluate the effects of security system changes, including interfaces with other Information Systems; document assessment impacts and required updates to authorization artifacts.
  • Support reciprocity by providing directed information in NIST security documents to Government stakeholders.
  • Support continuous monitoring by reviewing and updating system assets and security artifacts as part of the Continuous Monitoring process and Annual Review process.
  • Coordinate with system owners, engineers, and cybersecurity teams to validate remediation actions and closure evidence for assessment findings.