Security Controls Assessor (TS/SCI)
Suitland, MD
Job Id:
130639
Job Category:
Job Location:
Suitland, MD
Security Clearance:
TS/SCI
Business Unit:
Zachary Piper
Division:
Zachary Piper Solutions
Position Owner:
Michaela Kreiter
Zachary Piper Solutions is seeking a ISSOs/Security Assessors to support an Office of Naval Intelligence program outside of Washington, D.C. The team is seeking security assessors and ISSOs to support ONIs cyber division in security assessment, compliance, documentation, and risk management.
Location: Suitland, MD (100% on-site)
Number of positions: 2 (1-Mid, 1- SCA)
Responsibilities of the ISSO/Security Assessor:
· Implement and utilize NAVINTEL ICD 503 Risk Management Framework (RMF) Implementation Policies/Directives and Department of Navy (DON) cybersecurity Policies/Directives
· Use automated tools such as ACAS, CIS, SCAP, and Retina
· Documentation of A&A, SOPs, RMF development, and POA&Ms
· Engage with Navy stakeholders
· Conduct Test & Evaluation (T&E)
· Conduct security control assessments and A&A
Qualifications of the ISSO/Security Assessor:
· 3-6+ years of experience in cybersecurity or equivalent field
· Top Secret SCI eligibility clearance
· Bachelors degree in a technical subject, additional years of experience in lieu of a degree
· Certifications:
o Mid ISSO: CAP, CASP+, CISM, CISSP, GCLC, CCISO, HCISPP
o Security Controls Assessor/Validator: CISM, CISSP, GSLC, CCISO, Experience certification as a Navy qualified Validator
· U.S. Navy A&A experience as a civilian, active duty, or reserves (highly desired)
Compensation of the ISSO/Security Assessor:
· Compensation: $120,000 (Mid) - $165,000 (SCA) based on certifications
· Full benefits: PTO/Holiday, Medical, Dental, Vision, Certification reimbursement
· Long-term program
Keywords: information assurance, Navy, Naval, A&A, SCAP, CISM, CASP+, RMF, Risk management framework, ATO, authority to operate, ISSO, cyber, cyber security, security analyst, Top secret, TS, security clearance, On site, Washington, D.C., ONI, IAM III, IAM II, IAT III, ACAS, HBSS, cyber security, DOD, department of defense, NIST, Arlington, Washington D.C., CND, Computer network defense, computer defense, network security, network security engineer, CND engineer, cyber engineer, cyber security engineer, network administrator, network admin, firewall admin, firewall administrator, Top secret/sci, sensitive compartmented information, TS/SCI, intelligence agency, intel agency, DOD, department of defense, network monitoring, Elkstack, Ansible, scripting, POA&M, Nessus, ACAS, vulnerability, ELK, Mcafee, HBSS, SCAP, SCCM, Configuration manager, configuration management, Logstash, Windows, RHEL, ISSM, ISSO, remediation, security+, IAT II, sec+, security clearance, security, log analysis, malware, routing, switching, firewalls, network administration, CND, SOC, watch floor, NOC, network operations center, security operations center, risk assessment, RMF, risk management framework, threat mitigation, threat hunter, cyber threat, security breach, security events, risk analysis