Security Control Assessor

Reston, VA
Feb 19, 2021
Feb 24, 2021
IT, Security Engineer
Full Time
Responsibilities: Support to the Assessment and Authorization (A&A) Risk Management Framework process for all client managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation; support remote sites when required. Assist in centralization of A&A files/documentation and maintain files/library; ensure validity and integrity of all systems. Create, update, and delete entries in databases utilized for the tracking of system and network compliance. Ensure that all IA systems are properly documented with Configuration Management processes maintain the security accreditation status of systems/sites including the review of current documentation, site architectures and coordination with sites to ensure the documentation is accurate with the current site architecture, IAW Policy and processes Perform, participate, and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW DoD and IC requirements Provide coordination for assessment metric submissions. Provide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST, ICD, DIAD guidance, using the government provide A&A tool (ie, XACTA) Provide security engineering assessments of proposed IT solutions. Work in coordination with both internal and external systems administrators, configuration management, and network engineers to ensure proper configuration and adherence to security standards regarding deployment actions. Serve as Security Controls Assessors for formal Security Test and Evaluation, Conduct of Security Certifications of (DoDIIS) systems/networks/sites assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilities. Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing, and determining the adequacy of required documentation. Development of all supporting test reports and supporting artifacts and plan and action of milestones (POA&Ms) documenting open findings, preparation of formal authorization packages and oversight of the resolution of POA&Ms and development and maintenance of assessment and authorization enterprise schedules and metrics. Provide support for management and maintenance of assessment and authorization repositories. Perform security assessments at remote sites with collateral (includes, but not limited to, NIPR/SIPR) and/or TS/SCI AIS under the client's purview. Requirements: Bachelor's Degree in Computer Science or a related technical discipline plus 10 years' experience, or the equivalent combination of education, professional training, and work experience Must possess current DoD 8570 IAT III level certification. Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph. IC Application Name First Last Email Phone Application Upload Comments