OASIS Systems, LLC has an exciting opportunity for a Security Control Assessor. This position provides Security Control Assessor Representative (SCAR) Team support to the Business Enterprise Systems Directorate (AFLCMC/HIQ) located at Maxwell-Gunter AFB, AL.
This position provides Security Control Assessor Representative (SCAR) Team support to the Business Enterprise Systems Directorate (AFLCMC/HIQ) located at Maxwell-Gunter AFB, AL.
The successful candidate will perform work that applies a broad theoretical and practical knowledge of Cybersecurity. The functions required to be performed by individuals in this specialty may include:
- Ensure system/application policies and procedures reflecting the legislative intent of applicable laws and regulations for the network environment/system are followed.
- Review application/systems plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
- Participate in an Information System Assessment Process (SAR).
- Assess security requirements for hardware, software, and services acquisitions specific to network environment/system cybersecurity programs.
- Ensure that cybersecurity enabled software, hardware, and firmware comply with appropriate network environment/system security configuration guidelines, policies, and procedures.
- Ensure that network environment/system Information System recovery processes are monitored and that cybersecurity features and procedures are properly restored.
- Review cybersecurity plans for the network environment/system.
- Test/Validate Controls.
- Use eMASS to review Controls.
- Review Plan of Actions and Milestones (POA&M) entries.
- Ensure that cybersecurityinspections, tests, and reviews are coordinated for the network environment/system.
- Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed.
- Provide leadership and direction to network environment/system personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.
- Advise the AO, AODR, and application/system owner of any risks or vulnerabilities discovered.
- Prepare Security Assessment Reports for systems/applications reviewed.
- Possess at least 5 years of Information Assurance/Cyber Security Experience.
- Be able to apply knowledge of IA policy, procedures, and workforce structure to develop, implement and maintain a secure network environment.
- A GSLC, CISM, or CISSP certification (DoD 85-70, IAM Level III Certification) is required. However, the responsibility to attain a CISSP certification within 6 months is also a contingency that will be considered.
- Candidate must have an active US DoD security clearance.