Back to jobs
OneZero Solutions

Security Control Assessor (Mid/Senior)

Washington, DC, 20001, USPosted 4 days ago
Full-timeonsite

Job Description

We are an employee-centric company that truly values our team members and the contributions they make to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and on building teams that are, and continue to be, technically proficient across a broad range of cyber mission areas. OneZero full-time employees receive a highly competitive benefits package, including health, dental, vision, and life insurance, a 401(k) with company matching, paid time off and holidays, an employee referral program, and educational assistance. Additional details are available on our website: https://www.onezerollc.com/careers/

Position Title: Security Control Assessor (Mid/Senior)

Location: On-site in a SCIF in the National Capital Region (NCR) – Nebraska Avenue Complex, Washington, DC (work locations transitioning to ICCB Bethesda / St. Elizabeths). Telework is not authorized; a designated Key Person must be available on-site during core hours

Clearance: TS/SCI

Job Summary:

The Security Control Assessor (SCA) is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).

 

Education and Experience:

  • Mid-level: 3-5 years of experience
  • Senior level: 7-10 years of experience
  • Degree in Computer Science or related discipline from an accredited college or University required or the equivalent (7 years') combination of education, professional training or work experience.
  • At least one of the following certifications: Security+, CAP, CASP, GSLC, CISM, CISSP

Essential Duties:

  • Assess technical, operational, and management controls
  • Document findings in Security Assessment Reports (SARs)
  • Recommend corrective actions for identified vulnerabilities
  • Validate system security plans and control implementations
  • Evaluate Authorization packages and make authorization recommendations.
  • Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required.
  • Advise the Information System Security Officer (ISSO) concerning the impact levels for confidentiality, integrity, and availability for information on a system.
  • Review and approve the IS Security Control Assessment Procedures, the Security Assessment Plan (SAP), the System Security Plan (SSP), and the Security Control Traceability Matrix (SCTM).
  • Perform configuration management of a client central repository for authorization documentation (i.e., Body of Evidence (BOE)), which is maintained using an Assessment and Authorization (A&A) workflow software application.
  • Thorough knowledge of NIST 800-53 security controls and required documentation.

OneZero Solutions, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.

To request an accommodation, please contact us at [email protected] or call (202) 987-2580.

 

Security Control Assessor (Mid/Senior) at OneZero Solutions | Renata