- Assess all applicable security controls defined in the in the mandated DHS Compliance tool and applicable to the systems under their purview.
- Complete a FIPS-199, Privacy Threshold Analysis (PTS), E-Authorization, Contingency Plans (CPs), Contingency Plan Tests, Security Plans.
- Develop the SA Package documentation to include Security Assessment Plans (SAP), Security Assessment Reports (SAR), ATO Letters, ATO Recommendation Memo, Risk Assessment Memos, CFO Designation Memo, POA&M finding matrices, Executive Data Sheet (EDS), OA artifacts, etc.
- Gather evidence for ATO efforts and store results in the mandated DHS Compliance Tool and/or in a separate customer repository.
- Review for upgrades and provide recommendation on whether this will result in major or minor changes and overall cybersecurity impact and utilize tools for tracking of changes.
- Provide recommendations for refining and/or improving existing RMF processes and procedures and support implementation of these changes.
- In view of the remote nature of the contract, an individual Weekly Status Report and Weekly Status Reports Briefing are it is required deliverables for tasks assigned. The resources must have the ability to effectively develop weekly status reports, that are consistent, well structured, answer to all the assigned management templates guidelines, are in alignment with the task area of support, and are relevant to the reporting period. At a minimum the weekly status report should reflect the following:
- Weekly work accomplished
- 2 weeks of ongoing and planned tasks
- Risks, and issues impacting tasks assigned.
- The report format will be primarily MS PowerPoint and MS Project (or other MS tools as required by the management team).
- All Deliverables shall be at a level of accuracy that does not require "return for correction" for typographical and grammatical errors. (Repetitive requests for correction by the management or Government team may result in a determination of failing to meet the basic standards for professional writing, reporting, accuracy, quality, and completeness of the contractual requirements for deliverables.)
- Must have the ability to prepare to present, brief, and explain; all information captured in weekly status report to management and/or government client.
- Analyze IT specifications to assess security risks. Design and implement safety measures and data recover plans. Secure networks.
- Inspect customers systems for vulnerable points of access. Monitor network activities and communicate them to teams.
- Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements technical knowledge of IT systems.
- Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc.
- Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers.
- Proven experience as a Computer Security Specialist.
- Programming skills are preferred.
- Familiarity with security frameworks e.g., NIST Cybersecurity framework and risk management methodologies.
- Knowledge of patch management, firewalls and intrusion detection/prevention systems.
- Familiarity with public key infrastructure (PKI) and cryptographic protocols e.g. SSL/ TLS.
- An analytical mind with excellent problem-solving ability.
- Outstanding communication and organization skills.
- Decision-making skills.
- 7 years minimum of IT Cybersecurity experience including direct support of the US government and 4 years acting as an ISSO, assessor, or compliance analyst OR
- A relevant bachelor's degree in IT, Computer Science or engineering with 5 years of IT cybersecurity experience including direct support for the US Government and 4 years acting as an ISSO, assessor, or compliance analyst
- Certified Authorization Professional (CAP)
- Certified Information Systems Security Officer (CISSO)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Must have at least a Secret Level Security Clearance.
-
Psychologist/psychosexual Risk Assessor
2 days ago
Win Win Operations Washington, United States**ATTENTION**: YOU MUST ANSWER ALL APPLICATION QUESTIONS AND SUBMIT THE REQUIRED SUBMITTALS (IF APPLICABLE) TO BE CONSIDERED FOR THIS POSITION. · **ABOUT US** · Win Win Operations is a leading staffing firm that specializes in providing qualified professionals in various industri ...
-
Risk Assessor
1 week ago
Zermount, Inc. Arlington, United StatesRISK ASSESSOR, MID. · MILITARY FRIENDLY & PREFERRED - HOH SPONSOR · Zermount Inc. is seeking a Mid Risk Assessor who will be responsible for preparing for risk assessments (RA), conducting RA, developing reports and providing solutions to mitigate risk. Conduct assessments of sy ...
-
Risk Assessor
1 day ago
Zermount, Inc Arlington, United StatesJob Description · Job DescriptionRISK ASSESSOR, MID. · MILITARY FRIENDLY & PREFERRED - HOH SPONSOR · Zermount Inc. is seeking a Mid Risk Assessor who will be responsible for preparing for risk assessments (RA), conducting RA, developing reports and providing solutions to mitigate ...
-
Cyber Risk Assessor
3 days ago
Booz Allen Hamilton Arlington, United States Full timeJob Number: R0194327 · Cyber Risk AssessorThe Opportunity: · Warnings about cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this "cyber noise," how can these organiza ...
-
Human Health Risk Assessor
1 week ago
AECOM Germantown, United States**Company Description** Work with Us. Change the World.** · At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world' ...
-
Human Health Risk Assessor
5 days ago
AECOM Germantown, United States**Company Description** · **Work with Us. Change the World.** · At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the ...
-
Human Health and Environmental Risk Assessor
1 week ago
Parsons Corporation Centreville, United StatesIn a world of possibilities, pursue one with endless opportunities. Imagine Next · When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace ...
-
Security Control Assessor
2 days ago
System High Corporation Arlington, United States**Position Overview** · The Security Control Assessor must fulfill a variety of cybersecurity functions, to include: System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology (PIT) ...
-
Information Systems Security Manager
8 hours ago
Credence Management Solutions, LLC Arlington, United StatesOverview: · The Information Systems Security Manager (ISSM) is responsible for implementing and overseeing cyber hygiene for all refugee operational activities within the Refugee Processing Center (RPC). Reporting directly to the Project Manager and Deputy Project Manager for the ...
-
Security Assessor
2 days ago
Educology Solutions Washington, United StatesESI is seeking a security assessor to assist our customer in conducting independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determin ...
-
Security Control Assessor, Lead
3 days ago
Bering Straits Native Corporation (BSNC) Washington, United StatesOverview: · **SUMMARY** · Bering Global Solutions, LLC, a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Security Control Assessor, Lead for a government client in Washington, DC. The selected individual will guide system owners, designated IT se ...
-
Security Control Assessor Ii
1 week ago
Goldbelt, Inc. Washington, United StatesOverview: · Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level ...
-
Environmental Specialist
4 days ago
US United States Army Installation Management Command Fort Belvoir, United States**Duties**: · - Responsible for the implementation and monitoring of the Toxic Substance Control Act (TSCA) and Pollution Prevention (P2) Program. · - Maintains emission source inventories; gathers information and data necessary to demonstrate compliance with air permits and regu ...
-
Security Control Assessor
5 days ago
MAXIMUS, Inc. Arlington, United States& Requirements · Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. · The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed wi ...
-
Security Control Assessor
1 week ago
MAXIMUS, Inc. Arlington, United States& Requirements · Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. · The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed wi ...
-
Information Systems Security Officer
4 days ago
BAE Systems Quantico, United StatesISSO Job Tasks: · - Perform ISSO responsibilities as defined in Marine Corps Orders, Enterprise guidelines, Intelligence Community and other required regulations. · - Support, create, and update cybersecurity policies, procedures and other supporting documentation to achieve comp ...
-
Booz Allen Arlington, VA, United StatesSecurity Control Assessor and System Certification Specialist Key Role: Function as a System Certification Specialist and Security Control Assessor as part of a team in the performance of Assessment and Authorization (A&A) activities ensuring National Institute of Standards and ...
-
Rmf Cybersecurity Analyst- Ts/sci
1 week ago
General Dynamics Information Technology Annapolis Junction, United StatesType of Requisition: · Regular · Clearance Level Must Currently Possess: · Top Secret/SCI · Clearance Level Must Be Able to Obtain: · Top Secret SCI + Polygraph · Suitability: · Public Trust/Other Required: · Job Family: · Cyber Security · Job Qualifications: · **Skills**:Cyber D ...
-
Booz Allen Arlington, VA, United StatesSecurity Control Assessor and System Certification Specialist · Function as a System Certification Specialist and Security Control Assessor as part of a team in the performance of Assessment and Authorization (A&A) activities ensuring National Institute of Standards and Technolo ...
-
Information System Security Officer
2 weeks ago
Leidos Arlington, United StatesR Description Leidos is seeking high-level IT Professionals to provide Cybersecurity A&A Analyst duties within the National Military Command Center. Primary Responsibilities * Must be able to work in a constantly changing regulatory environment with short, mid, and long term time ...
Risk Assessor - Arlington, United States - Zermount, Inc
Description
Job Description
Job DescriptionSENIOR RISK ASSESSOR
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR
The Senior Risk Assessor's role is to design, develop, engineer, and implement solutions. Perform complex risk analyses which also include risk assessment. This position will also establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. The Senior Risk Assessor will support customers at the highest levels in the development and implementation of doctrine and policies. This position will also apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
Duties & Responsibilities:
Required Qualifications:
Basic Qualifications:
Education: Bachelor preferable but professional experience is Permitted:
Certifications and Training (Required): At least one of the following security certifications:
Clearance level:
Work Location: Remote
Business Hours: 8:00 am EST - 4:30 pm EST.