Job Title: Security Control Assessor - Intermediate
Location: Scott AFB
Clearance: DoD Secret
Our great client was founded and incorporated by a 20-year Navy Veteran. In 2011, their participation in the Veterans Administration’s Veteran-Owned, Small Business (VOSB) Verification Program, allowed them to become one of the first Information Technology (IT) Small Businesses to be officially verified by the Center of Veterans Enterprise (CVE) as a Service Disabled Veteran Owned Small Business (SDVOSB). Headquartered in in Ridgecrest, California, they provided products and services to the Department of Defense, Department of Homeland Security and private industry.
USTRANSCOM is tasked with the coordination of people and transportation assets to allow the US to project and sustain forces, whenever, wherever, and for as long as they are needed.
Overview: The Security Control Assessor (SCA) independently assesses the adequacy and compliance of security controls applied to United States Transportation Command (USTRANSCOM) information systems. The role of the assessor includes the authorizing activities supporting validation, verification and preparation of RMF packages for approval by the Government SCA and Authorization Official (AO). The assessor must be competent in all phases of the Risk Management Framework, and directly supports the Government Security Controls Assessor (SCA).
- Independently review security artifacts provided by program offices and other organizations and assess both the technical and functional adequacy of the cyber security/information assurance controls.
- Perform the Independent Verification and Validation (IV&V) role within the Enterprise Mission Assurance Support Service (eMASS) tool to include providing feedback to submitters on non-compliant security controls.
- Create and process RMF authorization packages, and track packages from submission to approval/disapproval
- Maintain and execute processes for reviewing and routing of authorization packages, and generate process metrics
- Develop, update and manage listing of recommended enterprise security controls/enhancement, and a list of security controls that are available for inheritance (e.g. common controls) by USTRANSCOM programs and systems
- Manage eMASS user accounts for USTRANSCOM
- Implement and execute the Ports, Protocols and Services (PPS) Program as directed in Department of Defense (DoD) Instruction 8551.01, and to use and provide guidance on the DoD PPS Management (PPSM) system
- Bachelor’s degree from an accredited college or university with major course work in Computer Science, Management Information Systems, or a closely related field.
- Five (5) years of experience with a Bachelor’s degree or a total of nine (9) years of related experience in Information Technology (IT) and / or Cybersecurity.
- Excellent communication skills and consultative personality. Willingness to follow directives.
- Experience with eMASS, Xacta, or similar.
- Experience with DoD Ports, Protocols, and Services (PPS) Program as outlined in DoDI 8551.01 and other applicable DoD directives (a Plus).
- Must met DoD 8570.1M Cyber Security Work Force (CSWF) IAM Level II certification requirements (Security + CE or higher).
- Obtain Certified Ethical Hacker or equivalent certification within 6 months of hire.
- Cloud experience a plus.
* Security Clearance: Candidate must have an active DoD interim Secret clearance (or higher). *
How To Apply:
You will be directed to another website for application instructions.