Security Control Assessor Job at Govcio LLC in Washington
Govcio LLC, Washington, DC, United States
Overview:
GovCIO is currently hiring for Security Control Assessor with a TS/SCI clearance in Washington, DC (4 days onsite, 1 day remote).
Responsibilities:- Provide an assessment of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities
- Prepare the final security assessment report containing the results and findings from the assessment. Prior to initiating the security control assessment, an assessor conducts an assessment of the security plan to help ensure that the plan provides a set of security controls for the information system that meet the stated security requirements
- Review and approve the IS Security Control Assessment Procedures, the Security Assessment Plan, the System Security Plan (SSP), and the Security Control Traceability Matrix (SCTM)
- Perform configuration management of a client central repository for authorization documentation (i.e., Body of Evidence (BOE)), which is maintained using an A&A workflow software application
- Review and compile the BOE (i.e., security control allocations, security control implementations, test results, Security Assessment Reports (SARs), POA&Ms, risk acceptance recommendations, and risk mitigation strategies) to support the recommendation for client risk acceptance authorization decisions
- Review SARs, verify test results, and create POA&Ms to document corrective actions with milestone completion dates
- Bachelor's with 5+ years (or commensurate experience) of experience as a Security Control Assessor
- Experience conducting security control assessment of all NIST 800-53 controls.
- Senior-level security control assessors should have 7 to 10 years of experience.
- At least one of the following certifications: Security+, CAP
- Technical understanding (understanding network diagrams, vulnerability and compliance scans)
- Experience creating and maintaining various security documents such as the Security Control Plan/Vulnerability Security Review (SCP/VSR), System Backup and Recovery Plans (SBRP) and Plan of Action and Milestone (POA&M) tables.
- Excellent Communication skills (written and oral)
- Experience creating and maintaining various security documents such as the Security Assessment Plan
- Thorough knowledge of NIST 800-53 security controls and required documentation
- Conduct security control assessments based on a Risk Management Framework approach
- Experience conducting risk assessments and developing security assessment reports
- Clearance Required: Must possess an acive Top Secret Clearance and be able to hold SCI
GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.
But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.
Posted Pay Range
The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an at-will position and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.
Posted Salary Range: USD $81,850.00 - USD $140,000.00 /Yr.