Security Control Assessor - Springfield VA

Job Description

ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps.

Security Control Assessor (Authorizing Official)

Position Summary:

As Security Control Assessor (Authorizing Official/AO) you will provide cybersecurity support to the National Geospatial-Intelligence Agency (NGA) in Springfield, VA. You will award authorization to operate (ATO) for systems and/or networks based on the determination of acceptable risk.

Clearance Requirement:
Must have an active DoD Top Secret/SCI security clearance
Essential Functions and Responsibilities:
Manage and approve accreditation packages (e.g., ISO/IEC 15026- 2).
Establish acceptable limits for the software application, network, or system.
Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
Manage accreditation packages (e.g., ISO/IEC 15026-2)

Additional Qualifications/Responsibilities

Required Education, Skills, and Experience:
Bachelor's degree in technical discipline from an accredited college or university
Certification Requirements:
lAM Level II certification (CAP, CASP+, CISM, CISSP or equivalent)
Three (3) year of full-time professional experience in establishing, implementing, and tracking project plans (more experience required for sr. level openings).
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles and tools.
Knowledge of Security the Risk Management Framework (RMF) and Assessment and Authorization process.
Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Ability to coordinate cyber operations with other organization functions or support activities.
Physical Demands and Expectations:
Regular physical activity to include walking, climbing stairs, bending, stooping, reaching, lifting (up to 15 pounds), and standing; occasional prolonged sitting
Ability to speak, read, hear and write, with or without assistance
Ability to use phone and computer systems, copier, fax and other office equipment