Overview: CDT is looking to add a security control assessor (SCA) to their team in Chantilly, VA. The SCA is a security professional that provides information security Assessment & Authorization (A&A) support throughout a program's lifecycle to Contractor and Government facilities processing information. SCAs enhance the Information System (IS) security awareness of Directorates & Offices staff. The candidate will also ensure that proper IS security resources are appropriately applied and act as IS liaison between the Directorates & Offices and the Government.
Clearance Requirement: An active TS/SCI with CI polygraph is required. Candidates who do not meet these requirements will not be considered, therefore, all viable applicants must be U.S. Citizens.
- Review information systems for compliance with applicable DCID, ICD, and customer directives and guidance, and make recommendations to the USG
- Provide IS security advice and guidance in accordance with applicable DCID, ICD, and customer directives and guidance to Government and industry partners for the protection of data at all classification levels including SCI
- Provide IS technical guidance and support in preparing responses for USG approval to A&A questions asked by Government and industry partners
- Evaluate and recommend approval, disapproval, or waiver(s) for IS processing national security data at industry and/or Government facilities
- Support customer Security's development and implementation of directives and guidance for customer Information Assurance, Information Technology, and Information Management policies
- Prepare, review, and record notification and status messages to indicate A&A state of systems to system owner or programs in a USG approved format
- Ensure that appropriate IS security requirements including applicable DCID, ICD, and customer directives and guidance are addressed and applied and that appropriate documentation is prepared by the system owners or programs. The documentation will be contained in the Security Assessment Package, including, but not limited to the Concept of Operations Plan, System Security Plans, System Requirements Traceability Matrix, Risk Management Matrix, Test Results, interface control documents, requests for changes, test plans, and other related program security documentation
- Ability to manage and track systems or programs involved in the A&A process
- Experience developing and implementing security related directives and guidance for Information Assurance, Information Technology, and Information Management
- Experience working with a mixed skill level team to ensure that appropriate knowledge and skill transfer occurs
- Bachelor's Degree and 5 years - OR - HS or Associate's and 7 years -OR- Master's or higher and 3 years
- IAM II Certification required (CISSP; CAP; GSLC; CISM; CASP)