Security Control Assessor

The Security Control Assessor (SCA) will conduct and document a comprehensive assessment of the management operational and technical security controls employed within or inherited by an information system. The SCA will determine the overall control effectiveness through documentation review inspections testing and interviews. The role will provide an assessment of the severity of weakness or deficiencies and recommend corrective actions to address identified vulnerabilities. The SCA will provide initial mitigation of Cybersecurity incidents support incident investigations and closure of the incidents. The position will provide assessment of proposed technology (hardware software and firmware) for Cybersecurity vulnerabilities.

Responsibilities

• Assessment Package Feedback which focuses on the documentation submitted to support the various steps of Risk Management Framework (RMF). Recommend a format for this document for government approval.
• Security Assessment Report which focuses on the assessment of an information system in support of the authorization determination. Shall provide a draft report using the government provided template; may recommend format changes for government consideration.
• Periodic Cybersecurity Assessment Report or Security Compliance Report which focuses on the assessment of a Cybersecurity program at a location. Shall provide a draft report using the government provided template; may recommend format changes for government consideration
• Cybersecurity Incident Reports which focus on documenting Cybersecurity incidents. Shall provide a draft report using the government provided template; may recommend format changes for government consideration.
• Technical Assessment of Hardware Software or Firmware. Shall document the technical assessment addressing Cybersecurity vulnerabilities via a government agreed format such as a Help Desk ticket application electronic mail memorandum etc.
• Develop an annual compilation of findings and observations based upon the Security Assessment Reports and Periodic Cybersecurity Assessment Reports or Security Compliance Reports based upon fiscal year assessments. The format shall be recommended for government approval. The compilation shall be void of system names system identification numbers government or contractor locations and individual names.
• Draft and / or preliminary documents shall be presented in one of the following electronic formats : Microsoft Office version 2007 compatible (.docx .xlsx or .pptx) or the standard Portable Document Format (PDF) format. Final and / or approved format shall be determined by the government; may recommend additional formats.
• Incumbent travel requirements are approximately 30% annually to support critical business needs. Travel location are CONUS and some OCONUS locations.

Requirements

Desired Skills

About Us

For more than 20 years NewGen Technologies has solved our clients toughest IT challenges with integrity security and outstanding service by delivering both technology and talent. We have helped secure borders have used artificial intelligence (AI) to fight terror aided the identification of criminals and have helped to prevent crime through the introduction of team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance. #CJ

Key Skills

Intelligence,Information Technology Sales,Accounts,Auto Parts,Data Analysis

Employment Type : Full Time

Experience : years

Vacancy : 1