Security Control Assessor and System Certification Specialist
Booz Allen
Engineering & Technology
Job Summary
Function as a System Certification Specialist and Security Control Assessor as part of a team in the performance of Assessment and Authorization (A&A) activities ensuring National Institute of Standards and Technology (NIST) management, operation, technical, and privacy security control implementation compliance for large, complex DoD information systems. Provide support for executing full Assessment and Authorization life cycle and risk management functions, measuring risk, examining system documentation, interviewing appropriate system and site personnel, testing system technical security configuration settings, reviewing scan results, Platform IT (PIT), and developing findings reports. Demonstrate subject matter expertise in NIST security guidance and security control assessment (SCA) processes using the NIST Risk Management Framework (RMF).
- Minimum Qualification: Degree
- Experience Level: Mid level
- Experience Length: 7 years
Job Description/Requirements
Basic Qualifications:
- 7+ years of experience with providing security guidance and IS validation using NIST, RMF, DoD, and local security policies
- Experience with planning and executing comprehensive Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and identification and using required tools, including Assured Compliance Assessment Solution (ACAS) or Security Content Automation Protocol (SCAP)
- Experience with providing configuration management (CM) for information system security software, hardware, and firmware and coordinating changes and modifications as an ISSO, ISSM, or Security Control Assessor (SCA)
- Experience in interfacing with information assurance managers, including preparing and reviewing documentation, such as Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and Plan of Actions and Milestones (POA&Ms)
- Knowledge of NIST Contingency Planning, POA&M management, and DoD continuous monitoring
- Top Secret clearance
- Bachelor's degree in Engineering, Computer Science, or Cybersecurity
- Cybersecurity IAT-Level III, CISSP or CAP Certification
Additional Qualifications:
- Experience with DoD Cybersecurity policies, directives, and DoD STIGs
- Experience with leveraging ACAS, CMRS, and eMASS toolsÂ
- Experience with assessing organizational risks and recommending mitigation strategies
Important Safety Tips
- Do not make any payment without confirming with the Jobberman Customer Support Team.
- If you think this advert is not genuine, please report it via the Report Job link below.
