Security Control Assessor I

Overview

Assess and authorize security controls for SAP/SCI systems under RMF.

Key Responsibilities

• poa&m
• sar
• rmf
• continuous monitoring
• threat analysis
• incident response

Tasks

-Initiate a Plan of Action and Milestones (POA&M) with identified weaknesses for each Authorization Boundaries assessed, based on findings and recommendations from the SAR. -Ensure security assessments are completed and results documented and prepare the Security Assessment Report (SAR) for the Authorization boundary. -Evaluate Hardware and Software to determine security impact that it might have on Authorization boundaries. -Represent the customer on inspection teams. -Evaluate security assessment documentation and provide written recommendations for security authorization to the Government. -Ensure organization are addressing and conducting all phases of the system development life cycle (SDLC). -Evaluate Authorization packages and make recommendation to the AO and/or DAO for authorization. -Advise the Government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system. -Perform oversight of the development, implementation and evaluation of IS security program policy; special emphasis placed upon integration of existing SAP network infrastructure. -Discuss recommendation for authorization and submit the security authorization package to the AO/DAO. -Evaluate the effectiveness and implementation of Continuous Monitoring Plans. -Review and concur with all sanitization and clearing procedures in accordance with Government guidance and/or policy. -Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required. -Assist the Government compliance inspections. -Advise the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues. -Perform assessment of ISs, based upon the Risk Management Framework (RMF) methodology using the (JSIG). -Assess proposed changes to Authorization boundaries operating environment and mission needs to determine the continuation to operate. -Assist the Government with security incidents that relate to cybersecurity and ensure that the proper and corrective measures have been taken.

Requirements

• bachelor's
• isso
• issm
• sap
• lifting
• dod 8570

What You Bring

-Bachelor's degree in a related discipline and 5-7 years of related experience or 9-11 years of related experience without a degree. -Prior performance in the role of ISSO and ISSM. -Minimum of three (3) years' experience in SAP, SCI or Collateral Information Systems (IS) Security and the implementation of regulations identified in the description of duties. -Must be able to regularly lift 50lbs. -Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level III or Information Assurance Manager Level I within 6 months of the date of hire.

People Also Searched For

Benefits

-National Security Programs

About Gtangible Corporation

-Founded in 2009, began as a veteran-led firm combining military insight with agile support services. -Registered as a service-disabled veteran-owned small business with Delaware incorporation and CAGE code for government contracting. -Delivers national security programs, administrative/program management, and mission/warfighter support across CONUS and OCONUS. -Over the past decade, secured multi-million-dollar contracts. -Typical projects include information assurance, network defense, logistics, training development, and theater security cooperation. -Expanded into international program support and energy-focused organizational development. -Maintains small-business agility with big-agency impact.

Sector Specialisms

Security Clearance

-requires top secret/sci clearance and consent for counterintelligence polygraph