Security Control Assessor III/Team Lead
Fairfax County, VA
Business Group Highlights
Civilian, State and Local
Perspectas Civilian, State and Local segment partners with the U.S. Federal Civilian State and Local governments to provide infrastructure services, business solutions, and digital transformation services that help them achieve policy objectives and integrate citizen-centric services.
- Perform and lead Risk Management Framework (RMF) assessments, authorizations, and monitoring steps for systems following NIST and ICD 503 standards and best practices.
- Work in close coordination with all system stakeholders - Create and maintain existing information system security documentation, including System Security Plan (SSP), Security Controls Matrix and/or Assessment, and Security Configuration Guide (controlled changes to the system).
- Develop or modify implementation and design documents describing how security features are implemented. Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions.
- Performs host, network, cloud, application based security control assessments
- Create security policies and maintain existing information system security documentation
- Conduct comprehensive assessment of the management, operation, and technical controls to determine overall effectiveness of controls
- Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package
- Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness and ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
- Participate in the change management process, including reviewing Requests for Change (RFC) and assist in the assessment of a potential change's security impact
- Conduct daily, weekly and monthly audit review and management of the audit collection system
- Continuously review and evaluate vendor, security, and business best practices for implementing a comprehensive audit program
- Remain sensitive to security infractions and assist in security investigations and responses as requested
- Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage
- Bachelors degree required and 7 years of experience applying RMF, 800-53 and Government IT security frameworks
- Knowledge of IT audits, including conducting technical security compliance tests and vulnerability assessments.
- Certifications in at least one of the following such as SCP, Cisco Certified Network Associate (CCNA)-Security, GIAC Security Essentials Certification (GSEC), Certified Information Systems Auditor (CISA), GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), CISSP, CompTIA Advanced Security Practitioner (CASP) or comparable
- Knowledge of Government security requirements for access control
- Demonstrated ability to use MS Office Suite to include Word, PowerPoint, and Excel.
- Superior communication skills, both written and oral.
- US Citizenship
- A U.S. Government TS/SCI Clearance
- Advanced degree in Computer Science, Cyber Security, Mathematics, or Engineering is highly desirable.
- DHS Suitability and experience
What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sectorfrom investigative services and IT strategy to systems work and next-generation engineering.
Our promise is simple: never stop solving our nations most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to just that, as a partner of choice across the entire sector.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories.
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed
As a government contractor, Perspecta abides by the following provision
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)