Security Control Assessor
3 weeks ago
**Security Control Assessor Team Lead**:
**MILITARY FRIENDLY & PREFERRED - HOH SPONSOR**:
**Summary**
Zermount Inc. is seeking a Security Control Assessor Team Lead who will play a vital role in leading multiple teams on large projects. The System Security Assessment Team Lead will oversee all aspects of the Assessment Team ensuring the performance of complex risk analyses, including risk assessments. The System Security Assessment Team Lead will determine information assurance based upon the analysis of technical, user, policy, regulatory, and resource implementations. They will also support customers at the highest levels in the analysis of the implementation of doctrine and policies.
**Duties & Responsibilities**
- Serve as the liaison to System Owners for completing all Security Authorization, Preliminary Risk Assessment, and ad hoc Risk Assessment efforts.
- Assess all applicable security controls defined in the mandated DHS Compliance tool and applicable to the systems under their purview.
- Assess the completeness and accuracy of system a FIPS-199, Privacy Threshold Analysis (PTS), E-Authorization, Contingency Plans (CPs), Contingency Plan Tests, Security Plans.
- Develop SA Package documentation to include Security Assessment Plans (SAP), Security Assessment Reports (SAR), ATO Letters, ATO Recommendation Memo, Risk Assessment Memos, Findings and recommended POA&M Matrices.
- Analyze evidence for ATO efforts and store results in the mandated DHS Compliance Tool and/or in a separate customer repository.
- Manage mini teams to ensure all SA Activities are completed.
- Provide Recommendations for refining and/or improving existing RMF processes and procedures and support implementation of these changes.
- In view of the remote nature of the contract, an individual, and Team Weekly Status Report and Briefing are required deliverables for tasks assigned. Must have the ability to effectively develop weekly status reports, that are consistent, well structured, answer to all the assigned management templates guidelines, and are in alignment with the task area. At a minimum the weekly status report should reflect the following: Weekly work accomplished, 2 weeks of ongoing and planned tasks, Risks, and issues impacting tasks assigned
- The report format will be primarily MS PowerPoint and MS Project (or other MS tools as required by the management team).
- All Deliverables shall be at a level of accuracy that does not require "return for correction" for typographical and grammatical errors. (Repetitive requests for correction by the management or Government team may result in a determination of failing to meet the basic standards for professional writing, reporting, accuracy, quality, and completeness of the contractual requirements for deliverables.)
- Must have the ability to prepare to present, brief, and explain; all information captured in weekly status report to management and/or government client.
- Conduct SCA and provide quality assurance and SCA expertise to other team members.
**Qualifications**
- A minimum of ten (10) years of IT cybersecurity experience including direct support for the US Government and seven (7) years actin as an ISSO, assessor, or compliance analyst for enterprise IT systems, or a relevant Master's degree in IT, Computer Science, or Engineering and seven (7) years of IT cybersecurity experience including direct support for the US Government and five (5) years acting as an ISSO, assessor, or compliance analyst.
- Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
- Experience and knowledge of Executive Orders (EO's), Office of Management and Budget (OMB) Memorandums, Federal, DoD and CISA Technical Reference Architectures, Maturity Models, NIST guidance, FISMA, Cloud, and Risk Management Framework (RMF). Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
- Technical knowledge of complex enterprise IT systems
- Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Tenable, Nessus Security Center, Splunk, etc.
- Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers.
- Understanding of zero trust principles is beneficial but not required.
- Proficient in risk assessment methodologies and security architecture frameworks.
- Technical knowledge of complex enterprise IT systems.
- Experience with cloud-based environments and technologies is preferred.
- Knowledge of common cybersecurity threats, risks, and vulnerabilities and how to mitigate them.
- Excellent communication skills, with the ability to explain complex concepts in a clear, concise manner.
- Technical knowledge of IT systems and implementation of security controls.
- Strong problem-solving skills, proactive attitude towards identifying potential issues and implementing solutions.
- The ability to organize and motivate a project team.
- Must be able to conduct sys
-
Security Control Assessor
1 month ago
Arlington, United States Maximus, Inc. Full timeMaximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls Assessor, Control, Information Technology, Security, Network Security, Controls, Manufacturing
-
Security Control Assessor
2 days ago
Arlington, United States Maximus Services, LLC Full time**Description & Requirements** Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an SAP information system to determine the...
-
Security Control Assessor
2 months ago
Arlington, United States Maximus Services, LLC Full time**Description & Requirements** Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an SAP information system to determine the...
-
Security Control Assessor
3 weeks ago
Arlington, United States MAXIMUS, Inc. Full timeDescription & Requirements Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an SAP information system to determine the...
-
Security Control Assessor
2 weeks ago
Arlington, United States MAXIMUS, Inc. Full timeDescription & Requirements Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA. The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an SAP information system to determine the...
-
Security Control Assessor
3 weeks ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob Description Security Control Assessor Team Lead MILITARY FRIENDLY & PREFERRED - HOH SPONSORSummaryZermount Inc. is seeking a Security Control Assessor Team Lead who will play a vital role in leading multiple teams on large projects. The System Security Assessment Team Lead will oversee all aspects of the Assessment Team ensuring the...
-
Security Control Assessor
4 days ago
Arlington, United States System High Corporation Full time**Position Overview** The Security Control Assessor must fulfill a variety of cybersecurity functions, to include: System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology (PIT) assessment and authorization, Information Assurance and Technical Security for...
-
Senior Security Control Assessor
3 weeks ago
Arlington, United States SecuriGence LLC Full timeJob DescriptionJob DescriptionJob Title: Senior Security Control Assessor (SCA)Location: Arlington, VirginiaClearance Level: Top Secret ClearanceSummaryWe deliver essential technology services to our customers in support of their missions to sustain the national security and economic interest of our nation. SecuriGence is seeking a talented Senior Security...
-
Security Assessor
2 months ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob DescriptionSECURITY ASSESSOR - MID-LEVELMILITARY FRIENDLY & PREFERRED - HOH SPONSORAs a Mid Security Control Assessor, you will design, develop, engineer, and implement solutions. You will perform complex risk analyses which also include risk assessment. Establish and satisfy information assurance and security requirements based upon the...
-
SCA II
3 weeks ago
Arlington, United States Watermark Risk Management International Full timeJob DescriptionJob DescriptionCome make your mark with Watermark!🎖️ FOUNDED BY USAF VETERANS in 2007, we are proud to be a Service-Disabled Veteran Owned Small Business.🌎 SUBJECT MATTER EXPERTS specializing in security and risk management. We’re intimately familiar with DOD security programs and mission requirements.⭐ OUR CORE VALUES drive every...
-
Risk Assessor
2 months ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob DescriptionSENIOR RISK ASSESSORMILITARY FRIENDLY & PREFERRED - HOH SPONSORThe Senior Risk Assessor's role is to design, develop, engineer, and implement solutions. Perform complex risk analyses which also include risk assessment. This position will also establish and satisfy information assurance and security requirements based upon...
-
Risk Assessor
2 weeks ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob DescriptionSENIOR RISK ASSESSORMILITARY FRIENDLY & PREFERRED - HOH SPONSORThe Senior Risk Assessor's role is to design, develop, engineer, and implement solutions. Perform complex risk analyses which also include risk assessment. This position will also establish and satisfy information assurance and security requirements based upon...
-
Assessor
3 weeks ago
Arlington, United States ARM Consulting Full timeJob DescriptionJob DescriptionSalary: Company: ARM Consulting Position Title: AssessorPosition Category: Full TimeLocation: Rockville, Maryland (Remote Work)ARM Consulting (ARM) is a management and technology company that integrates a range of capabilities to assist government and...
-
Assessor
2 weeks ago
Arlington, United States ARM Consulting Full timeJob DescriptionJob DescriptionSalary: Company: ARM Consulting Position Title: AssessorPosition Category: Full TimeLocation: Rockville, Maryland (Remote Work)ARM Consulting (ARM) is a management and technology company that integrates a range of capabilities to assist government and...
-
Zero Trust Senior Auditor
2 weeks ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob DescriptionZERO TRUST SENIOR Auditor (assessor)MILITARY FRIENDLY & PREFERRED - HOH SPONSORZermount Inc. is seeking a Zero Trust (ZT) Senior Auditor (Assessor) who will be responsible for the oversight, development, and execution of assessments of our client's enterprise and systems to determine the compliance with ZT principles. The ZT...
-
Zero Trust Senior Auditor
2 months ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob DescriptionZERO TRUST SENIOR Auditor (assessor)MILITARY FRIENDLY & PREFERRED - HOH SPONSORZermount Inc. is seeking a Zero Trust (ZT) Senior Auditor (Assessor) who will be responsible for the oversight, development, and execution of assessments of our client's enterprise and systems to determine the compliance with ZT principles. The ZT...
-
Zero Trust Senior Auditor
2 weeks ago
Arlington, United States Zermount, Inc Full timeJob DescriptionJob DescriptionZERO TRUST SENIOR Auditor (assessor)MILITARY FRIENDLY & PREFERRED - HOH SPONSORZermount Inc. is seeking a Zero Trust (ZT) Senior Auditor (Assessor) who will be responsible for the oversight, development, and execution of assessments of our client's enterprise and systems to determine the compliance with ZT principles. The ZT...
-
Threat Assessor
3 weeks ago
Arlington, United States Sancorp Consulting, LLC Full time**Position Summary** Position Description: Threat Assessor Location: On-Site/Telework National Capital Region Employment Category: Full Time/Exempt Travel: Yes, some travel required Deployment: No Drug screening: Yes Security Clearance: Active TS/SCI Security Clearance Citizenship: Must be a U.S. Citizen Education: Bachelor’s Degree. **Required...
-
Cyber Risk Assessor
1 week ago
Arlington, United States Booz Allen Hamilton Full timeCyber Risk AssessorThe Opportunity:Warnings about cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you—a lead information security...
-
Cyber Risk Assessor
1 week ago
Arlington, United States Booz Allen Hamilton Full timeCyber Risk AssessorThe Opportunity:Warnings about cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you—a lead information security...
