Senior Security Control Assessor
Company: SecuriGence LLC
Location: Arlington
Posted on: June 22, 2022
Job Description:
Job DescriptionJob Title: Senior Security Control
AssessorLocation: Arlington, VirginiaClearance Level: Top Secret
ClearanceSummaryWe deliver essential technology services to our
customers in support of their missions to sustain the national
security and economic interest of our nation. SecuriGence is
seeking a talented Senior Security Control Assessor to help
contribute to our success. Come help us solve problems with
Innovation Through Intelligence.Duties:
- Advise the Information System Owner (ISO) concerning the impact
levels for Confidentiality, Integrity, and Availability for the
information on systems.
- Ensure security assessments are completed for each IS.
- Initiate a POA&M with identified weaknesses and suspense
dates for each IS based on findings and recommendations from the
SAR.
- Evaluate security assessment documentation and provide written
recommendations for security authorization to the CISO and AO.
- Assess proposed changes to Information Systems, their
environment of operation, and mission needs that could affect
system authorization.
- Serve as a cybersecurity technical advisor to the CISO and AO
under their purview.
- Be integral to the development of the monitoring strategy. The
system-level continuous monitoring strategy must conform to all
applicable published DoD enterprise-level or DoD Component-level
continuous monitoring strategies.
- Determine and document in the SAR a risk level for every
noncompliant security control in the system baseline.
- Determine and document in the SAR an aggregate level of risk to
the system and identify the key drivers for the assessment. The
SCA's risk assessment considers threats, vulnerabilities, and
potential impacts as well as existing and planned risk
mitigation.
- Develop the continuous monitoring plan specific to the
information system.Required Skills and Experience:
- 12+ years' related IT experience.
- Strong knowledge of Risk Management Framework (RMF) 800-37 and
continuous monitoring 800-137
- Expert knowledge and hands-on experience with FISMA Systems,
NIST 800-series guidelines, FIPS, Security Assessment &
Authorization (SA&A) requirements and processes, Continuous
Monitoring Framework experience and its tools, Plan of Action &
Milestones (POA&M) policies, and vulnerability/patch
management, risk management, project management, proficient with
Microsoft products - Word, Excel, PowerPoint.
- Proficient with vulnerability and scanning tools and
well-versed in interpreting risk posture resulting from assessment
reports. Experience in project management and tracking, and the
Microsoft suite of office products
- Experience of assessing cloud-based security authorizations
(FedRamp, AWS & Azure) as well as the NIST control
responsibilities
- Experience with SAP/JSIG
- Expert with documenting and or reviewing of security materials
such as; system security plans (SSP), Security Assessment Report
(SAR), and Security Assessment Plan (SAP), and other documents per
NIST 800 guidelines.
- Experience supporting cloud-based security authorizations
(FedRamp, AWS, & Azure)
- Experience creating Security Assessment Plans, Security
Assessment Reports, and Executive-level briefingsQualifications:
- Bachelor's degree or higher. Can be substituted for Associate's
degree with 2+ years of relevant experience or 4 years relevant
experience.
- DOD 8140 IAT Level III (CASP, CCNP, CISA, CISSP, GCED, GCIH,
CCSP)
- Top-Secret Clearance with SCI eligibility is required.
- Performing work onsite is required. AboutSecuriGence LLC (SG)
is an agile, Veteran-owned small business headquartered in the
Washington, DC metropolitan region. Established in April 2010 we
have been supporting the Department of Defense and other United
States Civil agencies in Systems Engineering, Software Engineering,
Software Development, Cyber Security, and Cloud/Virtualization
Management.SecuriGence provides equal employment opportunities to
all employees and applicants for employment and prohibits
discrimination and harassment of any type without regard to race,
color, religion, age, sex, national origin, disability status,
genetics, protected veteran status, sexual orientation, gender
identity or expression, or any other characteristic protected by
federal, state or local laws.
Keywords: SecuriGence LLC, Arlington , Senior Security Control Assessor, Other , Arlington, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...