Summary:

The Security Control Assessor – Representative will perform a risk-based review and evaluation A&A process for classified systems to evaluate system security plans (SSPs) leading to an authorization decision. There is a requirement to be onsite at customer facility in Hanover, MD three days per week and could be increased to five days per week, depending on the government requirements.

Essential Job Functions:

• Maintain expert-level knowledge of all NIST 800-53 Security Controls
• Maintain working knowledge of DoD, DCSA, and NIST RMF guidance and policies
• Perform SSP reviews in accordance with the plan
• Use critical thinking to aid decision-making and highlight paths that will help achieve desired outcomes during risk-based analysis
• Assess SSPs, document the findings, and make recommendations
• Review and evaluate A&A artifacts in submission documentation
• Provide information security services such as system security documentation evaluation and other support activities connected with the implementation of the Risk Management Framework (RMF)
• Evaluate system security package submissions for authorization of classified systems against defined DCSA and Government technical standards.
• Acquire and maintain NISP eMASS account for daily use
• Attend and participate in training on the NISP eMASS tool
• Be familiar with the NIST RMF and be able to process and track packages through the NISP Enterprise Mission Assurance Support Service (eMASS).
• Use NISP eMASS as an approved repository for artifacts and Plans of Action and Milestones (POA&M)
• Provide written documentation for each SSP review that includes:

Necessary Skills and Knowledge:

• Cybersecurity experience
• Proficiency in Microsoft Office Suite
• Working knowledge and skills in eMASS

Minimum Qualifications:

• Certified at IAT II (CCNA Security, CSA+, GICSP, GSEC, Security+ CE, SSCP) 
• 3-5 yrs. experience in information protection, threat protection, architecture, or system security operations
• Approved personnel with Secret clearance
• Pass an employer background check
• Experience in vulnerability and risk assessment, architecture, and network configuration

Preferred Qualifications:

• Computer Science, information technology or cyber security degree or 5-7 year work experience in IAT I and II environment
• eMASS skills
• Process engineering

Pay and Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.