Security Control Assessor
IPSecure, Inc · Lackland Heights, Texas, United States · 1 wk ago
On-siteInformation TechnologyFull-time
Responsibilities
- Perform in-depth network mapping and topology reviews to identify potential attack surfaces, misconfigurations, and unauthorized interconnections.
- Conduct vulnerability scans and compliance checks using ACAS (Assured Compliance Assessment Solution) and other DoD-approved tools to identify and validate security weaknesses.
- Utilize the Enterprise Mission Assurance Support Service (eMASS) for tracking, managing, and reporting A&A package status and security control compliance.
- Analyze multiple operating systems, network environments, and enclave architectures to assess risks across both classified and unclassified domains.
- Develop and review security documentation including:
- Security Assessment Reports (SARs)
- Risk Assessment Reports (RARs)
- System Security Plans (SSPs)
- Plans of Action and Milestones (POA&Ms)
- Security Control Traceability Matrices (SCTMs)
- Provide situational awareness and technical risk assessments to stakeholders on accredited and pending accreditation systems.
- Collaborate with Authorizing Officials (AOs), Delegated AOs, ISSOs, ISSMs, ISSEs, and Program Managers to ensure alignment with DoD cybersecurity requirements.
- Present technical findings and recommendations in briefings, teleconferences, and formal reviews.
- Record and distribute meeting minutes, weekly activity reports (WARs), and trip reports within required timelines.
- Review and validate documentation prior to submission to AOs/DAOs to support risk-based accreditation decisions.
Requirements
- 6+ years of experience in cybersecurity, information assurance, or related technical fields.
- Familiarity with DoD Risk Management Framework (RMF) and ICD 503 compliance standards.
- Active TS/SCI clearance (or SCI-eligible).
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, or related discipline from an ABET-accredited or CAE-designated institution.
- Mets DoD 8140 IAT Level II or III requirements (CGRC/CAP, CASP+, Cloud+, PenTest+, GSEC).
Preferred Qualifications
- IAM Level III Certifications (CISSP, CISM, or GSLC) preferred.
- Hands-on experience with network mapping tools (e.g., Nmap, SolarWinds, or equivalent) and ACAS/Nessus vulnerability scanning.
- Strong understanding of network architectures, operating systems, and security configurations across enterprise and tactical environments.
Benefits
- Medical, Dental, Vision
- Unlimited Vacation, Sick Leave, Paid Federal Holidays
- Education and Certification Reimbursement Program
- 401(k) retirement plan with safe harbor employer match after 3 months
- Prepaid legal plan and ID protection plan available
- Accident Insurance, Critical Illness Insurance, and Hospital Indemnity Insurance available