
Security Control Assessor-Representative (SCA-R)

Falls Church, Virginia, United States

April 30, 2024

Client: Department of Defense

Location: Falls Church, VA

Remote Capability: On-Site to start

Clearance Requirement: Active DoD Top Secret

The Security Control Assessor-Representative (SCA-R) will lead quality control and validation activities in support of the Risk Management Framework (RMF) authorization (and reauthorization) processes. This individual will work collaboratively with the ISSO Team to ensure each system authorization package satisfies quality, completeness and security requirements and standards.

Requirements

Position Responsibilities

  • Review RMF Body of Evidence (BoE) artifacts in support of system authorizations
  • Assess system BoE artifacts for risk associated with technical and functional implementations for the systems and the adherence of those implementations to applicable cybersecurity / information assurance controls.
  • Develop and maintain the SCA-R / Verification and Validation (V&V) schedule in accordance with the timeline established by assigning and adding the necessary resources, based on the technologies that need validation and verification
  • Utilize the SCA-R V&V schedule to manage timing of and to conduct assessments and validations of implemented controls and remediated Plan of Actions and Milestones (POA&M) items.
  • Develop the Security Assessment Plan (SAP) for each system to facilitate assessment of all implemented security controls and technology areas through automated and manual assessments in accordance with NIST SP 800-53 and NIST SP 800-115; coordinate SAP for approval as required.
  • Develop and submit V&V reports and security assessment reports IAW Agency requirements including automated and manual assessment results and all pertinent information for a comprehensive assessment of the IS for completion of the POA&M.
  • Support, implement, and adhere to all NIST, Federal, DoD, DISA, and JSP policies, procedures, and standards regarding cyber security and the RMF
  • Participate in and provide technical expertise to the JSP’s configuration management/configuration control boards while considering Federal, DoD and this agency’s security policies, standards and guidelines and their impact on requested changes.

Technical Areas of Expertise

  • Expert knowledge of NIST RMF processes, NIST SP 800-37, NIST SP 800-53, CNSSI 1253, policies, and DoD directives
  • Expert ability to create and revise standard operating procedures (SOPs), work instructions (WI), and Tactics, Techniques, and Procedures (TTPs)
  • Expert ability to create presentations and present policies, guidance, and procedures to varied audiences including senior leadership levels
  • An impeccable attention to detail with significant RMF auditing, or security control assessment experience
  • Excellent communication skills to include writing, executive briefing, and multi-disciplinary team collaboration
  • Experience supporting Project Management activities to include project scheduling, resource planning, project monitoring and controlling, and reporting

Qualifications

  • Active DoD Top Secret clearance
  • DoD 8570 IAT Level II Certification
  • Bachelor’s Degree and 5+ years of prior experience; additional experience may be considered in lieu of a degree
  • Experience in providing security recommendations to senior leadership and PFPA embedded ISSOs
  • In-depth knowledge of DoD cyber security policies and regulations
  • 6+ years of experience in the Cybersecurity area
  • 5+ years Certification and Accreditation / Assessment and Authorization
  • 3+ years Security Control Assessor/Validator Experience
  • 5+ years of project management work experience
  • 4+ years of demonstrated aggregate experience monitoring application and system security configurations and auditing IT systems and networks for compliance with DoD Cybersecurity policy

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits, including competitive salaries, full health, a 401K plan, and generous PTO and Federal Holidays.

Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!

Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
