General information
Job Posting Title: Security Control Assessor - I
Date: Friday, June 28, 2024
City: McLean
State: VA
Country: United States
Working time: Full-time
Description & Requirements
Maximus is seeking a Sr. Cyber Security Program Manager to support our customer out of Colorado Springs, Colorado.
*This position is contingent upon award*
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS032, T2, Band 5
Duties & Responsibilities
- Conduct comprehensive assessments of security controls within information systems (IS) to determine compliance and effectiveness, including pre-site, on-site, and post-assessments.
- Coordinate and perform pre-assessments, reviewing and evaluating the Body of Evidence (BoE) for completeness, identifying threats, vulnerabilities, and non-compliance areas.
- Execute formal on-site security control assessments, document findings in the Security Control Traceability Matrix (SCTM) and produce the Security Assessment Worksheet (SAW).
- Prepare and submit detailed Security Assessment Reports (SARs) within 30 days of on-site visits, providing thorough analysis and recommendations.
- Evaluate the effectiveness of Continuous Monitoring Plans, providing quarterly briefings on system compliance.
- Support the development and implementation of IS security program policies, advising on assessment and authorization issues, and assisting with the evaluation of authorization packages.
- Assist in assessing the Plan of Action and Milestones, proposed changes to authorization boundaries, and evaluating the security impact of hardware and software
Minimum Requirements:
- Active TS/SCI with the willingness and ability to obtain CI Polygraph.
- Must meet requirements as listed in DoD 8140.03:
- A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution.
- OR possess and maintain one of the following industry recognized certifications related to this role per the DoD Cyber Workforce Framework and DoD Manual 8140.03: CGRC / CAP or CASP+ or Cloud+ or PenTest+ or Security+ or GSEC.
- 1-3 years of IT cybersecurity support experience.
- Minimum 1 year of SCAR network assessment or DoD Risk Management Framework (RMF) support experience.
- Basic familiarity with the RMF process and NIST 800 document series.
- Ability to meet travel requirements per customer. CONUS and OCONUS travel are estimated to be 25% or more.
Preferred Key Skills and Abilities:
- 1 year of SCAR network assessment support experience