Security Control Assessor
Primary Duties: Security Control Assessor (SCA) performs assessments of all systems under the purview of the Director DIA. These assessments include the use of various technical tools to assess a target systems capabilities, deficiencies, and vulnerabilities; review of technical and administrative documentation; discussion and interviews with responsible system personnel; analyzing and assessing various data points to identify the risk associated with an assessed system; providing written documentation and assessment for each assigned system. Job Responsibilities:Assist in centralization of A&A files/documentation and maintain files/library; ensure validity and integrity of all systems.Create, update, and delete entries in databases utilized for the tracking of system and network compliance.Ensure that all IA systems are properly documented with Configuration Management processes.Maintain the security accreditation status of systems/sites including the review of current documentation, site architectures and coordination with sites to ensure the documentation is accurate with the current site architecture, IAW DIA Policy and processes.Perform, participate and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW DoD and IC requirements.Provide coordination for assessment metric submissions.Provide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST, ICD, DIAD guidance, using the government provide A&A tool (eg XACTA).Provide security engineering assessments of proposed IT solutions.Support to the DIA Assessment and Authorization (A&A) Risk Management Framework process for all DIA managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation. Support remote sites when required.Work in coordination with both internal and external systems administrators, configuration management, and network engineers to ensure proper configuration and adherence to security standards in regard to deployment actions.Serve as Security Controls Assessors for formal Security Test and Evaluation, Conduct of Security Certifications of (DoDIIS) systems/networks/sites assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilities,, all security domains.Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation.Development of all supporting test reports and supporting artifacts and plan and action of milestones (POA&Ms) documenting open findings, preparation of formal authorization packages and oversight of the resolution of POA&Ms and development and maintenance of assessment and authorization enterprise schedules and metrics.Provide support for DIA management and maintenance of assessment and authorization repositories.Perform security assessments at remote sites with collateral (includes, but not limited to, NIPR/SIPR) and/or TS/SCI AIS under DIA's purview and/or managed by DIA. Required Qualifiications:Bachelors Degree in Computer Science or a related technical discipline, and 10 years experience or the equivalent combination of education, professional training or work experience.Candidates must posses DoD 8570 IAT III level certification. CISA certification highly desired. Security Clearance:Candidates must have an active TS/SCI and must be willing to obtain and maintain a CI polygraph. Do have a friend, family member or past colleague that would be interested in a new career opportunity? Tanager invites you to participate in our new External Recruiting Bonus Outreach Program. They will have the opportunity to find a rewarding new career. Please select External Recruiting Bonus under the Career tab on our website, www.tanagerinc.com, for further details. EOE/AA/M/F/Disabled/Vet Company Description: When it comes to Insider Threat Mitigation, Cyber Security and IT Solutions, Tanager is a leader in the field. We are a Woman Owned Small Business (WOSB) and serve a range of customers from the Federal Government, Intelligence Agencies and the Department of Defense to Fortune 500 Companies and small to mid-sized commercial companies. In August 2016, Tanager celebrated 20 years in business. The corporate philosophy of Tanager is based on honesty, integrity, education and active commitment to provide the best in customer service.