Security Control Assessor (SCA) II
gTANGIBLE Corporation
- Albuquerque, NM
- Permanent
- Full-time
- National Security Programs
- Professional, Administrative, and Management Support
- Mission and Warfighter Support
- Perform oversight of the development, implementation and evaluation of IS security program policy; special emphasis placed upon integration of existing SAP network infrastructure.
- Perform assessment of ISs, based upon the Risk Management Framework (RMF) methodology in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG).
- Advise the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues.
- Evaluate Authorization packages and make recommendation to the AO and/or DAO for authorization.
- Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required.
- Advise the Government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system.
- Ensure security assessments are completed and results documented and prepare the Security Assessment Report (SAR) for the Authorization boundary.
- Initiate a Plan of Action and Milestones (POA&M) with identified weaknesses for each Authorization Boundaries assessed, based on findings and recommendations from the SAR.
- Evaluate security assessment documentation and provide written recommendations for security authorization to the Government.
- Discuss recommendation for authorization and submit the security authorization package to the AO/DAO.
- Assess proposed changes to Authorization boundaries operating environment and mission needs to determine the continuation to operate.
- Review and concur with all sanitization and clearing procedures in accordance with Government guidance and/or policy.
- Assist the Government compliance inspections.
- Assist the Government with security incidents that relate to cybersecurity and ensure that the proper and corrective measures have been taken.
- Ensure organization are addressing and conducting all phases of the system development life cycle (SDLC).
- Evaluate Hardware and Software to determine security impact that it might have on Authorization boundaries.
- Evaluate the effectiveness and implementation of Continuous Monitoring Plans.
- Represent the customer on inspection teams.
- Bachelor's degree in a related discipline or equivalent experience (4 years).
- 7-9 years related experience.
- Prior performance in the role of ISSO and ISSM or SCA.
- Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level III or Information Assurance Manager Level II within 6 months of the date of hire.
- Minimum of four (4) years' experience in SAP, SCI or Collateral Information Systems (IS) Security and the implementation of regulations identified in the description of duties.
- Must be able to regularly lift up to 50 lbs.
- Prior active duty in the U.S. Air Force a plus.