
Security Controls Assessor

Company: Maximus
Location: Arlington
Posted on: November 22, 2022

Job Description:

Job Description Summary:

The SCA is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). SCAs also provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities. Responsibilities will cover Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities within the customer's area of responsibility.

The Security Controls Assessor will:

- Perform oversight of the development, implementation, and evaluation of IS security program policy; special emphasis placed upon integration of existing SAP network infrastructure
- Perform assessment of DoD Cloud systems (IaaS, PaaS and SaaS), based upon the Joint SAP Implementation Guide (JSIG)
- Advise the Government on any assessment and authorization issues
- Advise the Government on assessment methodologies and processes
- Evaluate Authorization packages and make recommendation to the AO and/or DAO for authorization
- Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required
- Advise the Government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system
- Review and approve the IS Security Assessment Plan, which is comprised of the SSP, the SCTM, and the Security Control Assessment Procedures
- Ensure security assessments are completed for each IS
- At the conclusion of each security assessment activity, prepare the final Security Assessment Report (SAR) containing the results and findings from the assessment
- Initiate a Plan of Action and Milestones (POA&M) with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR
- Evaluate security assessment documentation and provide written recommendations for security authorization to the Government
- Develop recommendation for authorization and submit the security authorization package to the Government
- Assess proposed changes to ISs, their environment of operation, and mission needs that could affect system authorization
- Ensure approved procedures are in place for clearing, purging, declassifying, and releasing IS memory, media, and output
- Assist Government in compliance inspections
- Assist the Government with security incidents that relate to cybersecurity and ensure that the proper and corrective measures have been taken
- Assess changes within the IS boundary that could affect the authorization of the boundary
- Ensure that IS requirements are addressed during all phases of the system life cycle

Travel Requirement: 10%

Position Requirements:

- Requires Bachelor's degree and 5-7 years of related experience
- Current CISSP Certification, preferably CISSP-ISSAP or CISSP-ISSEP
- Cloud Computing experience, such as Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), VPC (Virtual Private Cloud)
- Security of Virtualized environments (VMware, Hyper-V, Xen/Citrix)
- Experience with RMF assessments of Virtual environments
- IdAM solution experience, PIV, tokens
- Assessment of Cross Domain Solutions (ISSE Guard, Forcepoint High Speed Guard)
- Data at Rest Encryption solutions (Hardware / Software) (FIPS 140), Key Management and recovery
- AWS / C2S experience: S3 Simple Storage Service, CloudWatch, CloudTrail
- Network Security, KGs, VLANs, IDS, ASA, Firewalls, IPsec, Red / Black separation
- SIEM Tools experience, Splunk, LogRhythm
- Familiarity with Microsoft architecture (Servers, Active Directory, BitLocker, thick / thin clients)
- Familiarity with securing databases (Oracle)
- Familiarity with Linux systems
- Familiarity with PIT (Platform IT) systems
- Familiarity with NIST 800 series
- Familiarity with CNSSI 1253 Security Controls for National Security Systems
- Familiarity with JSIG Joint SAP Implementation Guide
- SAP IT experience
- ACAS / SCAP experience
- Extensive experience with MS Office, Excel, Word, Visio, and PowerPoint
- Strong organizational, written, and oral communication skills
- Proven ability to multi-task and prioritize responsibilities
- Excellent attention to details and diligent adherence to deadlines and deliverables

Physical Requirements:

Operate computer equipment. Ability to stand and/or sit 50%. Must be able to detect, identify, recognize, observe, assess, and handle stress and work well under pressure.

Security Requirements:

Must possess an active TS/SCI clearance in DISS

Duty location: Arlington, VA

Telework: 5%

#techjobs #ClearanceJob

Job Summary:

*****This job is reserved for Attain only. Attain job description is under review.*****

MAXIMUS Introduction:

Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit

EEO Statement:

Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

Pay Transparency:

Maximus compensation is based on various factors including but not limited to a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation shall be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation.
