Security Control Assessor and System Certification Specialist, Senior
About The Position
Security Control Assessor and System Certification Specialist, Senior The Opportunity: Function as a Senior System Certification Spe cia list or Security Control Assessor as part of a team in the performance of Assessment and Authorization ( A & A ) activities ensuring National Institute of Standards and Technology ( NIST ) management, operation, technical, and privacy security control implementation compliance for large, complex DoD information systems. Provide support for executing full A & A life cycle and risk management functions, measuring risk, examining system documentation, interviewing appropriate system and site personnel, testing system technical security configuration settings, reviewing scan results and Platform IT ( PIT ) , and developing findings reports. Demonstrate subject matter expertise in NIST security guidance and security control assessment ( SCA ) processes using the NIST Risk Management Framework ( RMF ) . Guide and mentor junior members of the team in the SCA process, provide advance analysis and advice to the client, and manage the more complex assessments. You Have:
Requirements
- 7+ years of experience providing security guidance and IS validation using NIST, RMF, DoD, and local security policies
- Experience planning and executing comprehensive cybersecurity test events, including identifying security controls, analyzing assessment procedures and identification, and using required tools such as the Assured Compliance Assessment Solution ( ACAS ) or Security Content Automation Protocol ( SCAP )
- Experience providing configuration management ( CM ) for information system security sof t war e, hard war e, and firmwar e, and coordinating changes and modifications as an ISSO, ISSM, or Security Control Assessor
- Experience interfacing with information assurance managers, including preparing and reviewing documentation such as Systems Security Plans ( SSPs ) , Risk Assessment Reports, Certification and Accreditation ( C & A ) packages, and Plan of Actions and Milestones ( POA & Ms )
- Knowledge of NIST Contingency Planning, POA & M management, and DoD continuous monitoring
- Top Secret clearance
- HS diploma or GED
- Cybersecurity IAT-Level III, CISSP, or CAP Certification s
Nice To Haves
- Experience with DoD cybersecurity policies , directives, and DoD STIGs
- Experience leveraging ACAS, CMRS, and eMASS tools
- Experience assessing organizational risks and recommending mitigation strategies
Benefits
- health, life, disability, financial, and retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
Number of Employees
5,001-10,000 employees
