Security Control Assessor

Invictus International Consulting, LLC
Washington, DC
Feb 22, 2021
Feb 24, 2021
IT, Security Engineer
Full Time
Title: Security Control AssessorLocation: Washington, DC Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph Responsibilities:Support to the Assessment and Authorization (A&A) Risk Management Framework process for all client managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation; support remote sites when requiredAssist in centralization of A&A files/documentation and maintain files/library; ensure validity and integrity of all systemsCreate, update, and delete entries in databases utilized for the tracking of system and network complianceEnsure that all IA systems are properly documented with Configuration Management processes maintain the security accreditation status of systems/sites including the review of current documentation, site architectures and coordination with sites to ensure the documentation is accurate with the current site architecture, IAW Policy and processesPerform, participate and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW DoD and IC requirementsProvide coordination for assessment metric submissionsProvide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST, ICD, DIAD guidance, using the government provide A&A tool (ie XACTA)Provide security engineering assessments of proposed IT solutionsWork in coordination with both internal and external systems administrators, configuration management, and network engineers to ensure proper configuration and adherence to security standards in regard to deployment actionsServe as Security Controls Assessors for formal Security Test and Evaluation, Conduct of Security Certifications of (DoDIIS) systems/networks/sites assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilitiesProvide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentationDevelopment of all supporting test reports and supporting artifacts and plan and action of milestones (POA&Ms) documenting open findings, preparation of formal authorization packages and oversight of the resolution of POA&Ms and development and maintenance of assessment and authorization enterprise schedules and metricsProvide support for management and maintenance of assessment and authorization repositoriesPerform security assessments at remote sites with collateral (includes, but not limited to, NIPR/SIPR) and/or TS/SCI AIS under the client's purview Requirements: Bachelor's Degree in Computer Science or a related technical discipline plus 10 years' experience, or the equivalent combination of education, professional training and work experience Must possess current DoD 8570 IAT III level certificationCurrent active TS/SCI clearance, with the ability to obtain and maintain a CI polygraphEqual Opportunity Employer/Veterans/Disabled