Security Control Assessor Representative
Electrosoft · Belleville, IL · 1 wk ago
On-siteInformation Technology$115k–$125k/yrFull-time
Duties & Responsibilities
- Assess, identify, and provide to the Government, for AO approval, a listing of recommended enterprise security controls/enhancements that provide mission assurance for cyber USTRANCOM terrain systems supporting USTRANSCOM’s mission.
- Provide SME support for RMF activities within and/or outside Enterprise Mission Assurance Support Service (eMASS) or other tool as designated by the Government.
- Provide technical and operational analyses of supporting artifacts and provide risk analysis recommendations to the SCA.
- Perform triage of authorization, POA&M, System Security Plan, System Categorization, and risk acceptance requests using the Govt RMF Artifact Quality Rubric.
- Identify non-compliant submissions, document in the Package Return Report (PRR), and submit to the Government SCA for approval and signature.
- Review security artifacts provided by program offices or other organizations and assess both technical and functional adequacy of cybersecurity/Information Assurance (IA) controls.
- Perform the Independent Verification and Validation (IV&V) role within eMASS on NIPRNet and SIPRNet, verifying that controls are in-place, operating as intended, producing desired outcomes, and providing feedback to submitters on non-compliant security controls, adequacy of artifacts, and POA&M items, and provide the required PRR as needed.
- Compile Authorization Official package to include risk assessment, required artifacts, and required approval documents to support risk recommendations to the AO in accordance with Government guidance.
- Review and coordinate RMF packages such as categorizations, security plans and POA&Ms for signature by approved authorities as designated by the Government and IAW suspense assigned by the Government.
- Manage eMASS user accounts (i.e., add, delete, and assign/update roles) for the customers instance of eMASS per Government direction.
- Track status of checklists and packages from submission through approval or disapproval decision by the AO.
Qualifications/Certifications
- Must have a current 8140 Cyber Security compliant certification in one of the following: CCISO, CISA, CISM, CISSP, CISSP-ISSEP, CySA+, GSLC or GSNA
- Minimum of 5 to 7 years of related experience
- Requires Active DoD Secret security clearance
- Thorough understanding and experience with DoD RMF tool eMASS
- Excellent written and verbal communication skills, demonstrating the ability to present material to senior DoD and non-DoD officials.
- Able to communicate effectively with senior leaders and customers to clearly present technical approaches and findings.
- Demonstrated knowledge and understanding of the DoD mission
- Experience with Ports, Protocols, Services Management (PPSM) is desired
- Masters or higher in: Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology and Software Engineering