Security Control Assessor (Mid-Level) - DHS Cleared

McLean, VA
Jun 18, 2019
Jun 21, 2019
IT, Security Engineer
Full Time
Company Overview

TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and US Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 Assessment and Compliance, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.

TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the US Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.

Job Summary

TestPros is looking for experienced Cyber Security Professionals with outstanding customer and technical skills who share our passion for results and customer success. In return, we offer challenging and exciting work environments and competitive compensation packages. You will be located in the Tyson's Corner / Falls Church VA area, with occasional local travel to Springfield, VA. This position requires full US Citizenship, and a recent or current Department of Homeland Security BI is highly desired.

Responsibilities and Duties

Support NIST Risk Management Framework (RMF) based Assessment and Authorization (A&A) activities.
Monitor and prepare required actions and documents pertaining to the A&A of the system throughout its lifecycle, to include security evaluation findings and residual risks.
Conduct comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the systems.
Ensure required security authorization activities are completed and the results are documented in the DHS Information Assurance Compliance System (IACS) / XACTA tool.
Review and process Interconnection Security Agreements (ISAs), Policy Waivers, Approval to Test (ATT), and Interim Approval to Operate (IATO) documents.
Assist the Government in preparing a written justification, when appropriate, to obtain a written waiver of policy for mandated security features.
Ensure that assigned systems/applications meet the minimum DHS A&A standards before a recommendation is made to the CISO for Authorization.
Update and upload all pertinent information for all systems within the DHS Headquarters FISMA portfolio repository.
Provide guidance and support for all assigned Security Authorization activities, develop SARs.
Create the CSS Plan, including rules of engagement (ROE) for each major application, information system, or GSS undergoing authorization.
Document the results of the security control assessment, including recommendations for correcting any weaknesses or deficiencies in the controls, analyze findings, and develop risk mitigation techniques to address weaknesses.
Contain the Contractor's assessment of any required security controls.

Qualifications and Skills

Must have 4-6 years of relevant experience as a cyber security control assessor.

You must have expert knowledge in:
US Federal Information Assurance (IA), and the Risk Management Framework (RMF)
Related Best Practices from FedRAMP, NIST, and other sources
IT Security Engineering Life Cycle and Release Management
Assessment and Authorization (A&A), Certification and Accreditation (C&A), FISMA, FedRAMP, NIST SP 800-53, RMF
Risk and Issue Management and Mitigation
Strong written, verbal communication and presentation skills - no exceptions!
Ability to interface with customers including presentations to senior executives, leadership and team development skills, and success with consulting at the senior management level

Benefits and Perks

TestPros offers competitive salary, medical/dental/vision insurance, life insurance, 3 weeks of paid time off, 2 weeks of paid holidays, education/training and professional certifications, 401(k) retirement plan with up to 4% company match, opportunities for professional growth, cell phone discounts, and much more! All benefits are per TestPros current policies and are subject to change without notice. Benefits are available to full-time employees only.

For more information or to submit your resume, please "Apply Now" or email