Jobs · Information Technology · Virginia

Security Control Assessor (SCA)

Mission Technologies, a division of HII · Springfield, VA · 6 days ago
Information Technology$103k–$150k/yrFull-time

About the role

The Security Controls Assessor plays a critical role in evaluating, validating, and strengthening the security posture of information systems across the organization. The SCA is responsible for reviewing and assessing system security packages and bodies of evidence, conducting and documenting the management, operational, and technical security control effectiveness applied on information systems, assessing information systems' weaknesses or deficiencies and recommending corrective actions to address vulnerabilities, providing the initial mitigation of Cybersecurity incidents, supporting incident investigations, and closing incidents, assessing proposed hardware, software, and firmware for vulnerabilities, drafting and submitting formal documentation including Security Assessment Reports, Cybersecurity Assessment Reports, Compliance Reports, Incident Reports, Technical Assessment Reports, and reviewing and assessing Plans of Actions and Milestones.

Responsibilities

  • Reviewing and assessing system security packages and bodies of evidence
  • Conducting and documenting the management, operational, and technical security control effectiveness applied on information systems
  • Assessing information systems' weaknesses or deficiencies and recommending corrective actions to address vulnerabilities
  • Providing the initial mitigation of Cybersecurity incidents, supporting incident investigations, and closing incidents
  • Assessing proposed hardware, software, and firmware for vulnerabilities
  • Drafting and submitting formal documentation including Security Assessment Reports, Cybersecurity Assessment Reports, Compliance Reports, Incident Reports, Technical Assessment Reports
  • Reviewing and assessing Plans of Actions and Milestones

Requirements

  • 4+ years applying or validating security configurations and controls on Enterprise operating systems as a SCA, ISSO, ISSE or systems administrator
  • Technical understanding of Enterprise operating systems, components, protocols, and services (i.e., Windows, RHEL, Active Directory, ACAS, AV, etc.)
  • Demonstrated experience applying the Risk Management Framework to secure Enterprise information systems in the DoD/IC space
  • Experience working with Cybersecurity toolsets such as ACAS and ServiceNow CAM
  • Excellent communication skills, both written and verbal, and skilled in presenting technical concepts to senior leadership/executive management
  • TS/SCI clearance required with ability to obtain a CI Poly
  • Travel requirement 10% annually
  • Must meet DoD 8140/CSWF for 612-Intermedediate or be willing to obtain the appropriate credential within 6 months

Qualifications

  • Engineer Info Assurance 2: 2 years relevant experience with Bachelors in related field; 0 years experience with Masters in related field; or High School Diploma or equivalent and 6 years relevant experience.
  • Engineer Info Assurance 3: 5 years relevant experience with Bachelors in related field; 3 years relevant experience with Masters in related field; 0 years experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 9 years relevant experience.

Skills

Technical understanding of Enterprise operating systems, components, protocols, and services (i.e., Windows, RHEL, Active Directory, ACAS, AV, etc.).

Experience working with Cybersecurity toolsets such as ACAS and ServiceNow CAM.

Excellent communication skills, both written and verbal, and skilled in presenting technical concepts to senior leadership/executive management.

Benefits

Commensurate with experience.

Pay

$102,831.00 - $150,000.00

Schedule

N/A

Similar jobs