Security Control Assessor (Cyber Security)
Chenega
- Charlottesville, VA
- Permanent
- Full-time
Responsibilities
- Lead and perform compliance reviews of computer security plans, perform risk assessments, and validate and perform security test evaluations and audits.
- Analyze and define security requirements for information protection for enterprise systems and networks.
- Assist in the development of security policies.
- Analyze the sensitivity of the information and perform vulnerability and risk assessments based on defined sensitivity and information flow.
- Responsible for auditing the most complex new and existing information systems applications to ensure that appropriate controls exist, that processing is efficient and accurate, and that information systems procedures are compliant with corporate standards.
- Other duties as assigned.
- Bachelors of Arts/Science, or Masters preferred, additional years of experience used in lieu of degree.
- 10+ years of experience in protected information environments (i.e., SIPR, SAP, JWICS, etc.)
- IAM Level III certification (CISM, CISSP (or associate), GSLC, or CCISO) by DoD 8570.01-M
- Active TS/SCI clearance
- Knowledge of and experience with ICD 503 and the government's assessment and authorization process.
- Current knowledge of cloud-computing technologies and security as they relate to Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS)