Security Control Assessor
Arlington, VA

Job Description

Who We Seek:

* Passion Seekers. You genuinely care about the work that you do and its impact on society.
* Self-Starters. You're a go-getter who isn't afraid to step up and disrupt the status quo.
* Entrepreneurs. You bring fresh ideas to the table, work hard, develop business and consistently seek new challenges.
* Collaborators. You're a great contributor to a high performing team that accomplishes great feats for our clients.

OVERVIEW

We are looking for a talented Security Control Assessor (SCA) who is passionate about technology and working with cutting edge software and hardware to support our mission critical customer in Washington, DC. The ideal candidate appreciates partnering with our customer and a group of engineers to create innovative engineering solutions.

GENERAL DUTIES

* Support Risk Management Framework (RMF) mission sets.
* Develop and sustain RMF Certification and Accreditation (C&A) packages to maintain Authorization to Operate (ATO)
* Validate and upload RMF documentation into the Enterprise portal
* Process and submit Plans of Action and Milestones (POA&Ms)
* Support IT Incident Response (IR) actions and reporting
* Track reporting and processing of Cybersecurity Tasking Orders, Warning Orders and Operation Orders.
* Provide packages, templates and guidance to gain approval for new or upgraded software
* Write/develop System Security Plans (SSP) and Tenant Security Plans (TSP)
* Whitelists, Blacklists, BOGON, and other Access Control List (ACL) validation and management
* Support Cybersecurity IT internal and embedded inspection teams.
* Perform logging, correlation, and scanning with tools such as Fortify Security Control Analyzer (SCA), Assured Compliance Assessment Solution (ACAS), HP ArcSight, and Enterprise Security Management (ESM).
* Ensure DISA STIGs are implemented and enforced.
* Perform enterprise-wide risk analysis and vulnerability assessments
* Enter/manage data in the Army Portfolio Management Solution (APMS) registry and associated Assessment and Authorization (A&A) requirements for annual Federal Information Security Management Act (FISMA) reporting



QUALIFICATIONS

* 2 years of Cyber Security experience
* DOD IAT Level II Certification (CCNA Security, CySA+, GICSP, GSEC, Security+CE, SSCP, CASP CE, CISA, CSSP, GCED, or GCIH)
* Hands-on experience with associated Cyber tools (ACAS, Fortify, ArcSight, eMASS, HBSS)



CLEARANCE

Active DOD Top Secret/SCI Security Clearance

Years of Experience: 5+ years

Minimum Education Required: Associate's Degree

About Us:

Attain is a place for great ideas and the people who have them. As a management , technology, and strategy consulting firm, our professionals provide innovative solutions to revolutionize government, education, health, and nonprofit organizations and positively impact those they serve. We are business analysts, technologists, digital strategists, managers of change, and forward thinkers, with the entrepreneurial drive to shape the future. Our team is present in 40 states and the District of Columbia.

Visit www.attain.com/careers to explore your path forward with Attain.

CJ123