Security Controls Assessor

Total Systems Technologies Corporation
Washington, DC
Feb 22, 2021
Feb 24, 2021
IT, Security Engineer
Specialty Trades
Full Time
WHO ARE WE? Total Systems Technologies Corporation (TSTC) is an award-winning provider of full lifecycle program, investment, and security management consulting services that enable United States civilian, defense, intelligence, and law enforcement communities to streamline, effectively manage, and defend their programs and operations.OK, WHO ARE WE REALLY TSTC is a Woman Owned, HUBZone certified Small Business (WOW, we are different already!) comprised of individuals who want more - to live more, laugh more, produce more - be more! Built upon our Total Service - Total Commitment cornerstone, TSTC takes pride in our commitment to delivering excellence. Total Service - Total Commitment is our commitment to our employees, to our teams, and to our clients. WHAT WE'RE LOOKING FOR: The Intelligence Systems Assessment and Authorization Analyst shall schedule and conduct cybersecurity assessments in accordance with established USCG, IC, and DoD cybersecurity policies. Shall also provide support for documenting the results of these assessments in Security Assessment Reports (SAR) and Plan of Action and Milestone (POA) documents including assessment of information system vulnerabilitiesThe candidate will be responsible for assisting a team of security control analysts through testing security controls, developing notes/summary of security controls and engineering design review meetings, creating/updating Plans of Action and Milestones (POA), developing Security Assessment Reports (SAR), maintenance of an aggregated Risk Registry, maintenance of assessment packages, maintenance of architecture for shared and/or assigned document management systems, and reporting the results of process reviews and control tests. Must have working knowledge of Risk Management Framework (RMF), NIST, and Cyber Security Framework (CSF) requirements.WHO ARE YOU?At least 3 years of experience in information assurance / cybersecurity for the Intelligence Community (IC), DHS, or in support of National Security Systems.Ability to support multiple high visibility security projects and adapt to changing client priorities while still meeting mission requirements.Detail and process oriented.A team player, capable of working with multiple groups in support of a common goal.Able to balance priorities and tasks.Able to work in Washington DC and support multiple CONUS sites.WHAT YOU'LL DO: Conduct cybersecurity assessments in accordance with established cybersecurity and information assurance policies.Document the results of these assessments in Security Assessment Reports (SAR) and Plan of Action and Milestone (POA) documents.Conduct and review system scans using the Assured Compliance Assessment Solution (ACAS) and provide documented results to appropriate stakeholders for review. Conduct Security Technical Implementation Guide (STIG) validation assessments on information systems in preparation for authorization activities.Develop and conduct detailed security assessment briefs, providing cyber security risk recommendations to the Authorizing Official Designated Representative (AODR) and Authorizing Official (AO).Develop and maintain standard processes to assist Information System Security Officers (ISSO) and Information System Owners (ISO) with security control implementation for information systems. BASIC QUALIFICATIONS: Top Secret SCI Clearance is REQUIRED DoD 8570/8140 IAT Level 2 (or higher) certification is required and may equate to two (2) years of experience (CCNA, CySA+, GISCP, Sec+CE, CND, SSCP etc )Minimum 5 years of overall professional experience. Have at least 3 years of Information Assurance A experience including assessment of information system vulnerabilities. BA or BS from an accredited college or University with a degree in engineering, information assurance, cybersecurity, IT, or related field. An advanced degree is highly desired. Must have working knowledge of NIST 800-53, RMF, and CSF.Experience working independently or on teams, developing and/or executing security assessment reviews, documenting corrective action plans, standard operating procedures, root cause analyses, dashboard development, strong presentation skills.Ability to work with cyber security assessment tools and reporting systems such as Nessus and Vulnerator.Ability to communicate and defend key findings. Able to travel 20-30% of time to local and CONUS sitesCommitment to providing high value services and solutions to meet the client's mission needs. Strong analytical and organizational skills with excellent written and verbal communication skills (English).Proficient skills in Microsoft Excel, Word, PowerPoint, and MS Visio.Ability to work more than 40 hours per week on occasion to meet client deadlines.SECURITY CLEARANCE:Applicants selected must be US Citizens. An active government security clearance - Top Secret with SCI eligibility - is required for this position and the successful candidate must pass a comprehensive background check / screening process.WHERE YOU'LL WORK:This position is located at a client site in Washington DC with convenient access to Metrorail and Metrobus as well as travel to multiple sites throughout the United States.WHY TSTC? Competitive salaryPersonal and team merit bonuses401(k) with 3% gross salary matching regardless of your personal contribution amountMultiple Medical, Dental and Vision plans to choose fromHealth Savings Accounts (HSA) for High Deductible Health Plans with TSTC contributionHealth Care and Dependent care Flexible savings accounts (FSA)Paid Time Off and Flexible Holiday schedulesFlexible work schedules and opportunity to telework100% TSTC paid Life and Disability insurance; Short-term and Long-term disability plansPre-Tax Commuter benefitsEducational AssistanceProfessional certification assistanceCorporate account with Management Concepts - the premier training program in the Washington DC areaCompletely confidential Employee Assistance Program (EAP)Voluntary benefits to include identity theft, home and auto insurance, and a company favorite - Pet InsuranceAnd more ADDITIONAL INFORMATION:All TSTC employees operate according to the terms of the specific contract under which they work. They are responsible for fulfilling the duties of the specific job and are accountable for complying with the terms and conditions of their employment, the TSTC Code of Conduct, and with applicable federal, state and local laws.TSTC is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment due to race, color, national origin, ancestry, nationality, citizenship, religion, creed, age, sex, marital or familial status, sexual orientation, disability, veteran status and liability for service in the US Armed Forces or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at or call us at 276- - or 703- -