Security Control Assessor, Level 3 (2024-0150)

Acclaim Technical Services•Annapolis Junction, MD

2d•$198,720 - $215,322

About The Position

Acclaim Technical Services, founded in 2000, is a leading language, operations, and technology services company supporting a wide range of U.S. Federal agencies. We are an Employee Stock Ownership Plan (ESOP) company, which is uncommon within our business sector. We see this as a significant strength, and it shows: ATS is consistently ranked as a top workplace among DC area firms and continues to grow. The Security Control Assessor will: Conduct verification and validation for security compliance of low and moderately complex information systems, products, and components. Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures. Provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance. Conduct on-site evaluations. Validate the security requirements of the information system. Verify and validate that the system meets the security requirements. Provide vulnerability assessment of the system, coordinate penetration testing, and provide a comprehensive verification and validation report (certification report) for the information system. Provide process improvement recommendations. Draft standards and guidelines for usage. Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures; Conduct on-site evaluations; Conducts verification and validation for security compliance of low and moderately complex information systems, products, and components; provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance; Validate the security requirements of the information system; Verify and validate the system meets the security requirements; Provide vulnerability assessment of the system, coordinate penetration testing, and provide a comprehensive verification and validation report (certification report) for the information system; Facilitate penetration testing; Provide a comprehensive verification and validation report (certification report) for the information system.

Requirements

Twelve years’ experience in security, systems engineering or system assessment to include recent experience within the last three years in five or more of the following areas: Cybersecurity principles and technology, including access/control, authorization, identification and authentication, PKI, network and enterprise security architecture is required.
Bachelor’s degree in Computer Science or Information Technology Engineering or related field of study is required.
A Master’s degree in Computer Science or Information Technology Engineering or related field of study may be substituted for two years’ experience, reducing the requirement to ten years’ experience.
In lieu of a Bachelor’s degree, an additional four years in security or system engineering experience may be substituted.
DoD 8570 compliance with IAT III or IAM III is required.

Responsibilities

Conduct verification and validation for security compliance of low and moderately complex information systems, products, and components.
Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures.
Provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance.
Conduct on-site evaluations.
Validate the security requirements of the information system.
Verify and validate that the system meets the security requirements.
Provide vulnerability assessment of the system, coordinate penetration testing, and provide a comprehensive verification and validation report (certification report) for the information system.
Provide process improvement recommendations.
Draft standards and guidelines for usage.
Facilitate penetration testing.