Security Control Assessor - Sca

Security Control Assessor – Sca

DoD Top Secret/SCI
Certifications: 8140 / 8570 IAM/IAT III (CISSP required)
BS in STEM / Computer Science/ Cybersecurity or related field
Minimum 7-10 years’ experience
Minimum 5 years’ experience as a security control assessor or representative
Experience with Integration and engineering of cybersecurity related tools such as vulnerability scanners (Nessus), anti-malware solutions (McAfee, Trellex, ClamAV, etc), Security Information Event Management (SIEM) tools (such as Splunk / ELK / OpenSearch), secure baseline implementation and hardening, basic system administration for Linux or Windows environments
Experience with translation of technical security control plans and objectives into actionable engineering milestones and creation of security control plans / assessment procedures
Experience within modern cloud environments is required (AWS, Oracle, MS, Google)
Experience with Xacta or Emass

Develop cybersecurity policies, procedures, standards, and guidance
Provide input to assessment and authorization process activities and related documentation such as systems concept of operations, system security design, implementation plans, operational procedures, and maintenance training materials
Provide engineering support and assistance to authorization/accreditation test and evaluation activities
Provide continuous monitoring support for information systems
Develop IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and systems under development
Conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37)