- Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks.
- Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
- Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
- Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers).
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
- Verify and update security documentation reflecting the application/system security design features.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Assess the effectiveness of security controls and assess all the configuration management (change configuration/release management) processes.
-
Sr Security Control Assessor
2 weeks ago
The Staffing Resource Group Inc Fort Meade, United StatesSenior Security Control Assessor · Salary: $155k/yr. · Location: Ft. Meade, MD (fully on-site) · Industry: Government/Defense · Clearance: Active TS/SCI required · Qualifications : 10+ years of relevant experience as a cyber security control assessor or a MS with 5 year · ...
-
Security Control Assessor
2 weeks ago
ATG Fort Meade, United StatesARCYBER-03 - Security Control Assessor - · Senior · Requisition: · Description/Job Summary · Security Control Assessor - Senior · Job Location: Fort Meade, MD · Position Type: Full Time, 40 hours per week · Athena Technology Group, Inc. is a Service-Disabled Veteran Owned /Small ...
-
Security Control Assessor
2 weeks ago
Intermedia Group Fort Meade, United StatesFUNCTIONAL TITLE: Security Control Assessor IAT III/IAM III - · JOB TITLE: Cyber Intel Associate · LOCATION: Ft Meade Maryland · CLEARANCE: TS SCI FS Poly · COMPENSATION: $180000 · JOB CODE: FS3330 · Security Control Assessor Skill Level 3/ IAT III/IAM III - Senior · ...
-
Information Systems Security Officer
2 weeks ago
SNVC L.C Fort Meade, United States**INFORMATION SYSTEMS SECURITY OFFICER (ISSO) - SENIOR** · Location: Fort Meade, MD · Clearance: Secret · PRIMARY RESPONSIBILITIES · Become part of the SNVC team performing duties of ISSO. Responsible for administering, assuring and maintaining a unique communication system n ...
-
Applied Insight Fort Meade, United StatesJob Description · About Us: Innovating to solve real-world problems · Applied Insight enhances the ability of federal government customers to preserve national security, deliver justice and serve the public with advanced technologies and quality analysis. We work closely with a ...
-
STRATUS Solutions Fort Meade, United StatesAbout Us: Innovating to solve real-world problems Applied Insight enhances the ability of federal government customers to preserve national security, deliver justice and serve the public with advanced technologies and quality analysis. We work closely with agencies and industry t ...
Sr. Security Control Assessor - Fort Meade, United States - The Staffing Resource Group, Inc
Description
Senior Security Control AssessorLocation: Fort Meade, MD
Employment Term and Type: Regular, Full Time
Required Security Clearance: TS/SCI (Requires US Citizenship)
Required Education: B.S. degree
JOB DESCRIPTIONS:
Perform Security Control Assessments to determine the extent to which Information System security controls are implemented correctly, operating as intended, and producing the desired outcomes as stated in the DISA Information Assurance Requirements.
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls.
Follow Assessment and Authorization procedures as defined in NIST to complete comprehensive security control assessment and
draft formal Security Assessment Reports (SAR) to document finding.
Tasks:
10+ years of relevant experience as a cyber security control assessor or a MS with 5 years
Certification Requirements: IAM Level II, CAP or CCSP preferred
Education Requirement: B.S. or relevant experience in related field
Clearance Requirements: Active TS/SCI (US Citizenship is required)
Desired skills:
Experience with RMF, CNSSI 1253, NIST SP 800-53, ICD 503
Experience with Security Technical Implementation Guides (STIGs) and Security Content
Automation Protocol (SCAP) Compliance Checker (SCC)
Experience with utilizing Telos XACTA tool
Applies knowledge of Information Assurance Vulnerability Alerts (IAVAs)
Applies experience with compliance and vulnerability scanning tools (Nessus, McAfee ePO)
Conducts comprehensive security control assessments levied against a system and
documenting the results, including recommendations for correcting any weaknesses or
deficiencies in the controls
Develops a Security Assessment Report (SAR)
Conducts comprehensive reviews of security authorization documents to ensure the
appropriate NIST security guidelines were used during the assessments and the selections of
security controls are relevant to the confidentiality, integrity, and availability of the system
Performs security control assessments on cloud-based systems
Citizenship and an active DOD TOP SECRECT/SCI Clearance are required for the position.
Salary will be commensurate with experience.
EOE/ADA
#clearance
#LI-SRG4
IND123