Talent.com
Security Control Assessor

Security Control Assessor

G-force Solutions IncArlington, Texas, United States
30+ days ago
Job type
  • Full-time
Job description

Description

Position Overview

The Security Control Assessor must fulfill a variety of cybersecurity functions, to include : System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology (PIT) assessment and authorization, Information Assurance and Technical Security for AIS, Information Technology (IT) Network Administration & Support, and Information System Security Officer support. Will perform the IA tasks necessary to ensure that the existing DARPA IA program meets National, DoD, and DARPA IA standards, and continues to protect and defend DARPA information and Information Systems (IS) by ensuring the confidentiality integrity, availability, authentication, and non-repudiation of the systems.

The Senior Cybersecurity Specialist possesses experience in successfully participating in DoD Special Access Program Joint Certification and Accreditation, Assessment, and Approval events for DoD Joint cyber ranges and / or jointly accredited SAP information systems. The DARPA systems to be protected include systems that process and store information from controlled unclassified (CUI) up to Top Secret, including SAP and SCI caveats / compartments.

Duties shall include, but are not limited to the following :

  • Must possess experience in successfully meeting and participating in Defense Information System Agency (DISA), National Security Agency, and USCBYERCOM Computer Network Defense Program (CNDSP) and CBYERCOM Computer Readiness Inspections (CCRI)
  • Experience with network security devices, classified Local Area Networks, Wide Area Networks, public key infrastructure (PKI), virtual machines, and end-point security solutions.
  • Must be thoroughly familiar with, understand, and be able to apply the standards and requirements contained in the following :
  • DoD Instruction 5220.22 National Industrial Security Program (NISPOM) Operating Manual, Chapter 8
  • Defense Security Service Manual for the Certification and Accreditation of Classified Systems under the NISPOM Version 3.2
  • DoD Directive 5205.16 The DoD Insider Threat Program
  • NIST SP 800-53 Rev. 4, Security and Privacy Controls for Federal Information Systems and Organizations
  • DoD Joint Special Access Program Implementation Guide (JSIG)
  • Committee for National Security System Policy (CNSSP) Policy (CNSSP) No. 22 on Information Assurance Risk Management for National Security Systems
  • CNSSP No. 26 National Policy on Reducing the Risk of Removable Media
  • Committed for National Security Systems Directive (CNSSD) No. 504 Directive on Protecting National Security Systems From Insider Threat
  • Committee for National Security System Instruction (CNSSI) No. 1253 Security categorization and Control Selection for National Security Systems
  • DoDD 8000.1, Management of DoD Information Resources and Information Technology
  • DoD Directive 8100.2, Use of Commercial Wireless Devices, Services, and Technologies in the DoD Global Information Grid (GIG)
  • DoDD 8140.01 Cyberspace Workforce Management
  • DoDI 8500.01 Cybersecurity
  • DoD Instruction 8510.01 Risk Management Framework (RMF) for DoD Information Technology
  • DoD Directive 8530.1, Computer Network Defense (CND)
  • DoD Instruction 8530.2, Support to CND
  • DoD Instruction 8551.1, Ports, Protocols, and Services Management (PPSM)
  • DoD Manual 8570.01-M Information Assurance Workforce Improvement Program
  • DCID 6 / 3, Protecting SCI within Information Systems
  • Intelligence Community Directive (ICD) 503
  • Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B Cyber Incident Handling Program
  • Defense Federal Acquisition Regulation Supplement (DFARS)
  • Clause 253.204-7012 : Safeguarding Unclassified Controlled Technical Information
  • DoDI 8581.01 Information Assurance Policy for Space Systems Used by the Department of Defense

Note : The legacy cybersecurity / information security accreditation governance documents are listed due to the state of transition of network accreditation guidance and the fact that networks may be operating under legacy certification and accreditation guidance.

  • Ensure system security requirements are addressed during all phases of DARPA program life cycles (concept development, Request for Information (RFI), Request for Proposal (RFP) or BAA, Proposal, Selection, Award, Closeout, Transition, etc.).
  • Planning, preparing, and executing inspections, authorization and approval (A&A) events IAW with the respective policies detailed in paragraph 3.12.c. for all classifications of networks; to include the development and review of Automated Information System Authorization and Approval Packages.
  • Develop, review, endorse, and recommend action by the authorizing official (AO), delegated authorizing official (DAO), or designated approval authority (DAA) for system certification documentation

    • Conduct quality control of system accreditation packages for completeness of accreditation artifacts within 3 business days of receipt from the technology office security staffs or their cleared defense industry contractors and / or participating government agencies.

  • Process authorization and approval or denial documentation to the respective DAPRA AO / DAO / or DAA within 10 business days of receipt of a complete package
  • Conduct security control assessments for the evaluation of security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for an AIS
  • Provide an assessment of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities
  • Analyze and make recommendations in support of DARPA accredited network Configuration Control Board cases within 10 calendar days of case validation by the respective network’s Information System owner
  • Monitor activities of DARPA accredited networks and DARPA DAO Accredited performer networks
  • Provide advice, assistance, and analysis of threats and vulnerabilities and risk mitigation and acceptance recommendations, as required. Conduct certification tests that include verification that the features and assurances are functional and support accreditation
  • Work collaboratively with the MSO / Information Technology Directorate (ITD) in the authorization and approval and continuous monitoring of DARPA unclassified and classified networks; including but not limited to :
  • DARPA Management Security System (DMSS) Unclassified
  • DARPA Public Network (DPN) - Unclassified
  • DARPA Secret Network (DSN) / Secret Internet Protocol Router Network (SIPRNet) Connection up to SECRET Collateral
  • DARPA Joint Worldwide Intelligence Communications System (JWICS) Network (DJN) / JWICS Connections up to TOP SECRET SCI
  • DARPA Secure Wide Area Network (DSWAN) up to SECRET Collateral
  • Multi-Level Security System (SAVANNAH) up to TOP SECRET SAP and SCI
  • Review and recommend changes or amplification of policy, procedures, and strategy development
  • Evaluate Information Assurance (IA) products and provide written recommendations as to their risk and usefulness and / or adoption for the DARPA IA mission
  • Evaluate information technology (IT) vulnerabilities to assess whether additional safeguards are prudent and ensure certification is accomplished for each information system
  • Develop and maintain a formal, written Information Systems Security Program SOP
  • Ensure all Information System Security Officers (ISSO), network administrators, and other Automated Information Security (AIS) personnel, to include DARPA performers performing these functions, receive the necessary and required technical and security training to carry out their duties
  • Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local AIS security training.
  • Maintain a repository for all system certification / accreditation documentation and modifications
  • Coordinate AIS security inspections, tests, and reviews
  • Prepare policies and procedures for responding to security incidents and for investigating and reporting security violations and incidents
  • Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered
  • Assess changes in a system, its environment, or operational needs that could affect the accreditation
  • Ensure configuration management (CM) for security-relevant AIS software, hardware, and firmware is maintained and documented
  • Perform system audits on multiple systems; work closely with system administrators and ensure current security measures are sufficient and in compliance with approved policies and processes
  • Perform, and conduct training as required, for the execution of secure file transfers / trusted downloads between local systems to storage devices, this includes secure down writing of data between systems of different security levels
  • Provide technical advice and assistance, as required, and perform technical oversight on telecommunications requirements for Collateral, SAP, and SCI systems and networks
  • In coordination with SID Emergency Management, review and provide AIS security relevant input to DARPA Emergency / Disaster plans and procedures.

    • Requirements

    Required Skills (Knowledge, Skills, Abilities)

  • Relevant work experience as specified for an Information Assurance Technical (IAT) Level III or Information Assurance Management (IAM) Level II in DoD Manual 8570.1-M
  • Extensive knowledge of RMF (Risk Management Framework)
  • Experience assessing and authorizing various PIT systems (of all classification levels) including but not limited to; space systems, manned and unmanned aircraft systems, manned and unmanned underwater vessels, cyber operation platforms, cyber capabilities, directed energy systems, and hand-held battle field orientation electronic devices

    • Professional Business Functions

  • Attend meetings (either locally or out-of-area) and create meeting summaries or trip reports
  • Prepare and submit meeting minutes on an as-required basis
  • Prepare / present briefings, incorporating graphics (if appropriate) for / to SID / DARPA leaders
  • Prepare various security forms associated with their duties
  • Assist in entry control and perform escort duties for visitors
  • Answer telephones and other modes of administrative communications in the performance of duties
  • Perform self-inspections, identify security discrepancies, and report security incidents
  • Perform, or support, security inspections, identify security discrepancies and prepare reports
  • Perform courier duties within the continental United States (CONUS)
  • Perform user-level security administrator and information security responsibilities are required and in compliance with US Codes, Executive Orders, and DoD and DARPA policy
  • Perform objective reviews on all documentation encountered during performance of duties

    • Clearance

  • Minimum of active Top Secret (TS)
  • TS / SCI strongly desired
  • Subject to a random counter-intelligence scope polygraphs as a condition of access eligibility.

    • Years of Experience / Education Requirements

  • The Senior Cybersecurity positions require a Bachelor’s degree in Computer Science or Information Systems with at least 12 years of specific, demonstrable, and successful experience fulfilling a Cybersecurity role for a DoD or IC customer on similar size and scale.
  • A Master’s degree in Computer Science or Information Systems may substitute for 4 years of relevant experience.

    • Certification Requirements

  • DoD Approved Baseline Certification as a CISSP IAW DoD 8570.1-M

    • Travel Requirements

  • Some travel is required for this position.
  • Ability to travel to CONUS and / or OCONUS locations
  • Must have active US passport for OCONUS travel requirements

    • G-Force Solutions, Inc. is an Equal Opportunity / Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

    Create a job alert for this search

    Security Control Assessor • Arlington, Texas, United States

    Related jobs
    • Promoted
    Security Sales Representative

    Security Sales Representative

    CornerStone StaffingGrand Prairie, TX, US
    Full-time
    CornerStone Professional Placement.This role is ideal for a motivated sales professional who excels at relationship-building, consultative selling, and identifying client needs in the commercial se...Show moreLast updated: 1 day ago
    • Promoted
    Remote Inbound Security Sales Associate

    Remote Inbound Security Sales Associate

    SP Data DigitalFort Worth, TX, US
    Remote
    Full-time
    We are SP Data Digital, and we like to shake things up! We promote great culture and embrace a team of entrepreneurs that think outside the box and challenge the status quo.We work hard and encoura...Show moreLast updated: 30+ days ago
    • Promoted
    MTA - Sr. Application Security Engineer

    MTA - Sr. Application Security Engineer

    MCKESSONIrving, TX, United States
    Full-time
    McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare.We are known for delivering insights, products, and services that make quality care more accessibl...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    TXSEDallas, TX, US
    Full-time
    We’re looking for a Security Engineer who’s excited to work across the full security stack.You’ll help us stand up and mature key capabilities—including Vulnerability Manage...Show moreLast updated: 5 days ago
    • Promoted
    Staff Security Engineer - Industrial Control Systems

    Staff Security Engineer - Industrial Control Systems

    Union TechnologiesDallas, TX, US
    Full-time
    Union Technologies is reindustrializing America’s defense manufacturing base with a first-of-its-kind Factories-as-a-Stockpile™ model, integrating advanced robotics, manufacturing, and ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst I

    Security Analyst I

    BEAR TechnologiesPlano, TX, US
    Full-time
    We are seeking a highly skilled and motivated Security Analyst to join our team.The successful candidate will be responsible for incident response, threat and vulnerability management, and threat m...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst

    Security Analyst

    Aspira ConnectDallas, TX, US
    Full-time
    For more than 40 years, Aspira has been the market-leading provider of software and services that help public agencies protect natural and cultural resources while making them accessible for all.Ou...Show moreLast updated: 30+ days ago
    IBM Security Expert

    IBM Security Expert

    Two95 International Inc.Dallas, TX, US
    Full-time
    Quick Apply
    IBM Identity and Access Management Expert.Environment is 8M in Datapower, Q radar.Looking for a guru to architect and implement and Identity and Access Management Solutions.Strong focus on Qradar, ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Armed Shift Lead (Evenings)

    Security Armed Shift Lead (Evenings)

    SecuritasMesquite, TX, US
    Full-time
    Focus on the core content of the job post, removing all unnecessary metadata, navigation mentions, and extraneous details. The goal is to present a clean, beautiful, and high signal-to-noise ratio j...Show moreLast updated: 1 day ago
    Senior / Lead - Information Security Assessor

    Senior / Lead - Information Security Assessor

    Cloudious LLCDallas, TX, United States
    Full-time
    Quick Apply
    Location : Texas, USA (Dallas and San Antonio).Fully Onsite working in client offices Nature of work : < / b&...Show moreLast updated: 3 days ago
    • Promoted
    Security Professional - Access Control Driver

    Security Professional - Access Control Driver

    Allied UniversalIrving, TX, US
    Full-time +1
    Security Professional - Access Control Driver.As a Security Professional - Access Control Driver in Frisco, TX, you will serve and safeguard clients in a range of industries such as Residential, an...Show moreLast updated: 7 days ago
    • Promoted
    Security Officer - Access Control Monitoring

    Security Officer - Access Control Monitoring

    Clearance JobsLewisville, TX, US
    Full-time
    Security Officer - Access Control Monitoring.Allied Universal, North America's leading security and facility services company, offers rewarding careers that provide a sense of purpose.While working...Show moreLast updated: 5 days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    GoodLeapPlano, TX, US
    Full-time
    GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, w...Show moreLast updated: 13 days ago
    • Promoted
    Security Engineer

    Security Engineer

    Secur-ServFort Worth, TX, US
    Full-time
    Secur-Serv is a leading managed services provider of IT, print, and hardware services, with a security focus at the core of every service. Secur-Serv provides nationwide, on-site service to business...Show moreLast updated: 28 days ago
    • Promoted
    Access Control Technician - DIRECT HIRE

    Access Control Technician - DIRECT HIRE

    TalentLogistixDallas, TX, US
    Permanent
    Our focus is physical Installation of Video, Access.We offer a schedule that provides work / life balance with most weekends off and a maximum of 50 hours a week. Everyone that joins our team becomes ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer - Detection & Response

    Security Engineer - Detection & Response

    NerdyDallas, TX, US
    Full-time
    You are an AI-powered Security Engineer responsible for identifying and responding to malicious or suspicious activity across our environment with speed and confidence. This role leads the engineeri...Show moreLast updated: 26 days ago
    • Promoted
    Target Security Specialist

    Target Security Specialist

    TargetFort Worth, TX, US
    Full-time
    Working at Target means helping all families discover the joy of everyday life.We bring that vision to life through our values and culture. Assets Protection (AP) teams function to keep our guests, ...Show moreLast updated: 30+ days ago
    • Promoted
    Inside Sales Associate

    Inside Sales Associate

    Security Equipment Supply IncCarrollton, TX, US
    Full-time
    Security Equipment Supply, Inc.About Security Equipment Supply (SES).Security Equipment Supply (SES) is a second-generation, family-owned distributor of low-voltage electronics.Since 1982, we'v...Show moreLast updated: 30+ days ago