Security Controls Assessor

Arlington, VA
Feb 22, 2021
Feb 24, 2021
IT, Security Engineer
Specialty Trades
Full Time
We are seeking a Security Controls Assessor to join our team supporting Defense Advanced Research Projects Agency.TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. Technology moving at the speed of thought embodies these principles the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at Apply now to explore jobs with us! RESPONSIBILITIESSCA will be aligned to primarily support a specific DARPA Technical Office and/or the MSO-ITD Enterprise environment. Independent from either the ITD-contracted operations personnel or the Technical Office performers who build and implement the information systems (IS) at DARPA, the SCA is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by the target IS - whether Technical Office mission system or ITD Enterprise system -to determine the overall effectiveness of the controls (ie, the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). SCAs also provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities. Additionally, they will:Advise the information system owner (ISO) concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system.Advise the ISO concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system.Ensure security assessments are completed for each IS.Initiate a POA&M with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR.Evaluate security assessment documentation and provide written recommendations for security authorization to the CISO and AO.Assess proposed changes to information systems, their environment of operation, and mission needs that could affect system authorization.Serve as a cybersecurity technical advisor to the CISO and AO for DARPA IS under their purview.Be integral to the development of the monitoring strategy. The system-level continuous monitoring strategy must conform to all applicable published DoD enterprise-level or DoD Component-level continuous monitoring strategies.Determine and document in the SAR a risk level for every noncompliant security control in the system baseline.Determine and document in the SAR an aggregate level of risk to the system, and identify the key drivers for the assessment. The SCAs risk assessment considers threats, vulnerabilities, and potential impacts as well as existing and planned risk mitigation.Develop the Continuous Monitoring Plan specific to the information system.REQUIRED QUALIFICATIONSMinimum 7 years experience required 10 years experience or more preferred. At least 3 years experience in a technical/security-related capacity required, 7 or more years experience is preferred.Experience in information systems DoD assessment and authorization (A&A).Possess knowledge of information technology concepts used in the evaluation of security performance and integrity of applications, communications systems, hardware, software, satellite control systems, and information processing systems.TS Clearance with SCI eligibilityActive IAT Level III certificationU.S. CitizenCOMPETENCIES Establish FocusChange ManagementDevelop OthersOral Communication Written Communication Interpersonal AwarenessBuild RelationshipsAnalytical ThinkingConceptual ThinkingStrategic ThinkingTechnical ExpertiseInitiativeFoster InnovationResults OrientedTeamwork Customer Service WORK ENVIRONMENT AND PHYSICAL DEMANDSThe work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.Location: Arlington, VAType of environment: OfficeNoise level: MediumWork schedule: Schedule is day shift Monday Friday. May be requested to work evenings and weekends to meet program and contract needs.Amount of Travel: Less than 10%PHYSICAL DEMANDSThe physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.WORK AUTHORIZATION/SECURITY CLEARANCEU.S. CitizenshipTS Clearance with SCI eligibilityOTHER DUTIESPlease note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.EQUAL EMPLOYMENT OPPORTUNITYIn order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as protected status). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.ID: 2020-1233 External Company URL: