Security Controls Assessor
Modern Technology Solutions, Inc. (MTSI) · Dayton, OH · 6 days ago
On-siteInformation Technology$180k–$220k/yrFull-time
Responsibilities
- Perform oversight of the development, implementation and evaluation of IS security program policy; special emphasis placed upon integration of existing SAP network infrastructure.
- Assess ISs, based upon the Risk Management Framework (RMF) methodology in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG).
- Advise the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues.
- Evaluate authorization packages and make recommendations to the AO and/or DAO for authorization.
- Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required.
- Advises the Government concerning the impact levels for confidentiality, integrity, and availability for the information on a system.
- Ensure security assessments are completed and results documented and prepare the Security Assessment Report (SAR) for the authorization boundary.
- Initiate a Plan of Action and Milestones (POA&M) with identified weaknesses for each authorization boundary assessed, based on findings and recommendations from the SAR.
- Evaluate security assessment documentation and provide written recommendations for security authorization to the Government.
- Assess proposed changes to authorization boundaries operating environment and mission needs to determine the continuation to operate.
- Review and concur with all sanitization and clearing procedures in accordance with Government guidance and/or policy.
- Assist the Government compliance inspections.
- Assist the Government with security incidents that relate to cybersecurity and ensure that the proper and corrective measures have been taken.
- Evaluate hardware and software to determine security impact that it might have on authorization boundaries.
- Evaluate the effectiveness and implementation of Continuous Monitoring Plans.
Requirements
- 15+ years related experience required; 9 years' highly desired.
- Prior performance in roles such as System, Network Administrator or ISSOMinimum of 2 years’ experience in SAP, SCI or Collateral Information Systems (IS) Security and the implementation of regulations identified in the description of duties.
- Prior performance in the role of ISSO and ISSM.
Qualifications
- Bachelor's Degree in Computer Science, Computer Engineering or a related field.
Benefits
- Full range of medical benefits
- 401k
- ESOP
- paid time off
- and other benefits
Base pay information is based on market location. Applications will be accepted on an ongoing basis. This posting will be renewed periodically until the position is filled.