drjobs Senior Security Control Assessor SCA

Senior Security Control Assessor SCA

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Arlington County, VA - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

Are you ready to enhance your skills and build your career in a rapidly evolving business climate Are you seeking a career where professional development is embedded in your employers core culture If so Chenega Military Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support largescale government operations by leveraging cuttingedge technology and take your career to the next level!

SecuriGence is a wholly owned subsidiary of Chenega Corporation an Alaska Native Corporation based in Anchorage AK. Belonging to the Military Intelligence and Operations Support (MIOS) Strategic Business Unit (SBU) Chronos has a culture rooted in integrity respect and exceptional performance. SecuriGence headquartered in Leesburg VA provides missioncritical services in Cybersecurity Systems Engineering and Integration IT Operations Support Software Development and Program Management.

Job Title: Senior Security Control Assessor (SCA)
Location: Arlington Virginia
Clearance Level: Top Secret Clearance
Summary
We deliver essential technology services to our customers in support of their missions to sustain the national security and economic interest of our nation. SecuriGence is seeking a talented Senior Security Control Assessor to help contribute to our success. Come help us solve problems with Innovation Through Intelligence.
Duties:
  • Advise the Information System Owner (ISO) concerning the impact levels for Confidentiality Integrity and Availability for the information on systems.
  • Ensure security assessments are completed for each IS.
  • Initiate a POA&M with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR.
  • Evaluate security assessment documentation and provide written recommendations for security authorization to the CISO and AO.
  • Assess proposed changes to Information Systems their environment of operation and mission needs that could affect system authorization.
  • Serve as a cybersecurity technical advisor to the CISO and AO under their purview.
  • Be integral to the development of the monitoring strategy. The systemlevel continuous monitoring strategy must conform to all applicable published DoD enterpriselevel or DoD Componentlevel continuous monitoring strategies.
  • Determine and document in the SAR a risk level for every noncompliant security control in the system baseline.
  • Determine and document in the SAR an aggregate level of risk to the system and identify the key drivers for the assessment. The SCAs risk assessment considers threats vulnerabilities and potential impacts as well as existing and planned risk mitigation.
  • Develop the continuous monitoring plan specific to the information system.
Required Skills and Experience:
  • Strong knowledge of Risk Management Framework (RMF) 80037 and continuous monitoring 800137
  • Expert knowledge and handson experience with FISMA Systems NIST 800series guidelines FIPS Security Assessment & Authorization (SA&A) requirements and processes Continuous Monitoring Framework experience and its tools Plan of Action & Milestones (POA&M) policies and vulnerability/patch management risk management project management proficient with Microsoft products Word Excel PowerPoint.
  • Proficient with vulnerability and scanning tools and wellversed in interpreting risk posture resulting from assessment reports. Experience in project management and tracking and the Microsoft suite of office products
  • Experience of assessing cloudbased security authorizations (FedRamp AWS & Azure) as well as the NIST control responsibilities
  • Experience with SAP/JSIG
  • Expert with documenting and or reviewing of security materials such as; system security plans (SSP) Security Assessment Report (SAR) and Security Assessment Plan (SAP) and other documents per NIST 800 guidelines.
  • Experience supporting cloudbased security authorizations (FedRamp AWS & Azure)
  • Experience creating Security Assessment Plans Security Assessment Reports and Executivelevel briefings
Qualifications:
  • Bachelors degree or higher. Can be substituted for Associates degree with 2 years of relevant experience or 4 years relevant experience.
  • 5 years relevant experience.
  • DOD 8140 IAM Level II (CAP CASP CISM CISSP GSLC CCISO)
  • TopSecret Clearance with SCI eligibility is required.
  • Performing work onsite is required.

Click on the blue button on the upper righthand corner to join our Talent Network. Please contact me directly for immediate assistance.

Matthew J. Keller
Vice President of Talent Acquisition
Chenega Military Intelligence and Operations Support (MIOS) Strategic Business Unit
Chenega Corporation is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion sex national origin or protected veteran status and will not be discriminated against on basis of disability. Affirmative Action plans are available for review by employees and job seekers by contacting our EEO/AA officer at. If you are having technical issues or need an accommodation please email us at . Every effort will be made to respond within 24 business hours.
Native preference under PL 93638. Drugfree workplace.

We participate in the EVerifyEmployment Verification Program.




Required Experience:

Senior IC

Employment Type

Full Time

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.