
Assessment and Authorization Support Specialist

Job Description:

As a member of the Security Control Assessment – Validator (SCA-V) team, this specialist will have experience in planning, analyzing, documenting, and reporting activities associated with the system security assessment process. This Remote Assessment Liaison will support the assessment team by evaluating compliance of Cybersecurity Service Provider (CSSP) customers.

Key Responsibilities:
  • Performing comprehensive security assessments using the Department of Defense (DoD) Risk Management Framework (RMF) process.
  • Utilizing knowledge of Mission Assurance Categories (MAC), Classification Levels (CL) and the NIST 800-53 IA controls associated with each level.
  • Analyzing network and IA systems in unclassified and classified environments for compliance with DoD and US Army (AR 25-2) security configuration requirements and industry best practices.
  • Responsible for technical review of the subset of policy as it relates to the network, of system and network diagrams, descriptions, and SOPs, and for compiling and generating deliverables (risk assessment, findings, and slide presentation).
  • Reviewing technical IA Controls with the customer for specific applicability and compliance.
  • Conducting Security Tests and Evaluation (ST&E) for Authorization or re-authorization.
  • Analyzing ST&E results; assessing, determining, and describing risks associated with the results.
  • Conducting Vulnerability and Risk Assessments; these processes may include scanning with authorized DoD tools and/or scripts (Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Security Readiness Review (SRR) scripts, Security Content Automation Protocol (SCAP)).
  • Reviewing and documenting results from conducted vulnerability and risk assessments and scanning tools.
  • Responsible for administrative functions related to Cybersecurity Service Provider (CSSP) customer assessments.
  • Understanding of DISA Security Technical Implementation Guides (STIGs).
  • Knowledge of DoD and Army policies, regulations, and guidelines.
Basic Qualifications:
  • 5 years' experience performing comprehensive security assessments using the Risk Management Framework (RMF)
  • Technical background in networking, system engineering, database administration, web application or software development
  • Experience analyzing Information Assurance systems in unclassified and classified environments for compliance
  • Experience in planning, analyzing, documenting, and reporting activities associated with the system security accreditation and authorization (A&A) process
  • Knowledge of NIST, CNSS, DoD, and Army policies, regulations, and guidelines
  • General knowledge and understanding of the Command Cyber Readiness Inspection (CCRI) process
  • Bachelor's degree or equivalent work experience
  • Minimum 8 years of working experience in Information Systems including Information Technology/cybersecurity
  • Active DoD Secret Clearance with ability to upgrade to Top Secret
  • Must possess the following DoD 8570 IAT/CSSP certifications: Security+ CE and C|EH or CISA (CySA+ will also meet all of the requirements)
Professional Skills:
  • Excellent verbal, interpersonal and written communication skills.
  • Strong analytical, problem-solving and decision making capabilities.
  • Team player with the ability to work in a fast-paced environment.
  • Ability to multi-task in a fast-paced environment and to work independently.
