Security Control Assessor

BUSINESS ENABLED ACQUISITIONandTECHNOLOGY IncSan Antonio, TX
154d
Match Resume

About The Position

The Information Assurance (IA) Security Administrator – Control Assessor provides enterprise-level cybersecurity compliance and assurance support for the DHA Domain and Directory Services Branch (DDSB). This role ensures that enterprise systems meet DoD Risk Management Framework (RMF) and DHA security requirements through continuous monitoring, control validation, and vulnerability assessment. By performing proactive security assessments, validating controls, and ensuring compliance with RMF and DoD security requirements, this role reduces risk exposure and strengthens the protection of mission-critical healthcare IT systems across the Military Health System.

Requirements

  • BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science or military Training or CGRC/CAP or CASP+ or Cloud+ or PenTest+ or Security+ or GSEC, CISSP.
  • Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate.

Responsibilities

  • Conduct vulnerability scans and security control assessments to validate compliance with DoD and DHA cybersecurity policies, STIGs, and IAVM directives.
  • Maintain and validate asset inventories within ACAS and eMASS, ensuring all enterprise assets are credentialed, scanned, and reported accurately.
  • Develop and maintain Plan of Action and Milestones (POA&Ms) for identified vulnerabilities, providing remediation strategies and tracking progress through closure.
  • Support the IS accreditation process by preparing risk assessment packages, security documentation, boundary diagrams, and accreditation artifacts.
  • Evaluate the impact of system modifications and changes, documenting security implications and ensuring updates align with DHA Change Management procedures.
  • Provide timely reporting of security incidents and violations, escalating findings through DHA’s established IA reporting chain.
  • Collaborate with engineering, administration, and operations teams to integrate IA requirements into system lifecycle activities.
  • Develops: Weekly and ad-hoc vulnerability scan reports; POA&Ms for unremediated vulnerabilities; Risk Assessment packages and security accreditation documentation; eMASS entries, updates, and compliance validation records; Incident reports and corrective action documentation.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Education Level

Bachelor's degree

Number of Employees

101-250 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service