Security Control Assessor Representative

Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delightour customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel - and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer.

Security Control Assessor Representative

Electrosoft is seeking a Security Control Assessor Representative (SCA-R) - to support our DoD customer at Scott Air Force Base, IL. The SCA-R will independently assess the adequacy and compliance of security controls applied to the agency on behalf of the Government SCA and Authorizing Official (AO). SCA-R personnel will assist Government personnel with the overall responsibility to conduct independent comprehensive assessments of the management, operational, privacy and technical security controls and controls enhancements employed within or inherited by an IT system to determine the overall effectives of the controls for more than 40 Programs of Record in use across the Enterprise. The SCA-R will collect, provide, and maintain current documentation on authorization processes and procedures.

Duties & Responsibilities:

• Assess, identify, and provide to the Government, for AO approval, a listing of recommended enterprise security controls/enhancements that provide mission assurance for cyber USTRANCOM terrain systems supporting USTRANSCOM's mission.

• Provide SME support for RMF activities within and/or outside Enterprise Mission Assurance Support Service (eMASS) or other tool as designated by the Government.

• Provide technical and operational analyses of supporting artifacts and provide risk analysis recommendations to the SCA.

• Perform triage of authorization, POA&M, System Security Plan, System Categorization, and risk acceptance requests using the Govt RMF Artifact Quality Rubric.

• Identify non-compliant submissions, document in the Package Return Report (PRR), and submit to the Government SCA for approval and signature.

• Review security artifacts provided by program offices or other organizations and assess both technical and functional adequacy of cybersecurity/Information Assurance (IA) controls

• Perform the Independent Verification and Validation (IV&V) role within eMASS on NIPRNet and SIPRNet, verifying that controls are in-place, operating as intended, producing desired outcomes, and providing feedback to submitters on non-compliant security controls, adequacy of artifacts, and POA&M items, and provide the required PRR as needed.

• Compile Authorization Official package to include risk assessment, required artifacts, and required approval documents to support risk recommendations to the AO in accordance with Government guidance.

• Review and coordinate RMF packages such as categorizations, security plans and POA&Ms for signatures by approved authorities as designated by the Government and IAW suspense assigned by the Government.

• Manage eMASS user accounts (i.e., add, delete, and assign/update roles) for the customers instance of eMASS per Government direction.

• Track status of checklists and packages from submission through approval or disapproval decision by the AO.

Basic Qualifications

• Minimum of 5 to 7 years of related experience

• Master's or higher in: Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology and Software Engineering

• Must have a current 8140 Cyber Security compliant certification in one of the following:

• CCISO, CISA, CISM, CISSP, CISSP-ISSEP, CySA+, GSLC or GSNA

• Requires Active DoD Secret security clearance

• Thorough understanding and experience with DoD RMF tool eMASS

• Excellent written and verbal communication skills, demonstrating the ability to present material to senior DoD and non-DoD officials.

• Able to communicate effectively with senior leaders and customers to clearly present technical approaches and findings.

• Demonstrated knowledge and understanding of the DoD mission

• Experience with Ports, Protocols, Services Management (PPSM) is desired

Pay Range

$100,000-$115,000 USD

All qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, national origin, age, citizenship, disability, or Veteran status. Additionally, the company provides reasonable accommodations to qualified individuals with disabilities.

Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delightour customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel - and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer.

Security Control Assessor Representative

Electrosoft is seeking a Security Control Assessor Representative (SCA-R) - to support our DoD customer at Scott Air Force Base, IL. The SCA-R will independently assess the adequacy and compliance of security controls applied to the agency on behalf of the Government SCA and Authorizing Official (AO). SCA-R personnel will assist Government personnel with the overall responsibility to conduct independent comprehensive assessments of the management, operational, privacy and technical security controls and controls enhancements employed within or inherited by an IT system to determine the overall effectives of the controls for more than 40 Programs of Record in use across the Enterprise. The SCA-R will collect, provide, and maintain current documentation on authorization processes and procedures.

Duties & Responsibilities:

• Assess, identify, and provide to the Government, for AO approval, a listing of recommended enterprise security controls/enhancements that provide mission assurance for cyber USTRANCOM terrain systems supporting USTRANSCOM's mission.

• Provide SME support for RMF activities within and/or outside Enterprise Mission Assurance Support Service (eMASS) or other tool as designated by the Government.

• Provide technical and operational analyses of supporting artifacts and provide risk analysis recommendations to the SCA.

• Perform triage of authorization, POA&M, System Security Plan, System Categorization, and risk acceptance requests using the Govt RMF Artifact Quality Rubric.

• Identify non-compliant submissions, document in the Package Return Report (PRR), and submit to the Government SCA for approval and signature.

• Review security artifacts provided by program offices or other organizations and assess both technical and functional adequacy of cybersecurity/Information Assurance (IA) controls

• Perform the Independent Verification and Validation (IV&V) role within eMASS on NIPRNet and SIPRNet, verifying that controls are in-place, operating as intended, producing desired outcomes, and providing feedback to submitters on non-compliant security controls, adequacy of artifacts, and POA&M items, and provide the required PRR as needed.

• Compile Authorization Official package to include risk assessment, required artifacts, and required approval documents to support risk recommendations to the AO in accordance with Government guidance.

• Review and coordinate RMF packages such as categorizations, security plans and POA&Ms for signatures by approved authorities as designated by the Government and IAW suspense assigned by the Government.

• Manage eMASS user accounts (i.e., add, delete, and assign/update roles) for the customers instance of eMASS per Government direction.

• Track status of checklists and packages from submission through approval or disapproval decision by the AO.

Basic Qualifications

• Minimum of 5 to 7 years of related experience

• Master's or higher in: Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology and Software Engineering

• Must have a current 8140 Cyber Security compliant certification in one of the following:

• CCISO, CISA, CISM, CISSP, CISSP-ISSEP, CySA+, GSLC or GSNA

• Requires Active DoD Secret security clearance

• Thorough understanding and experience with DoD RMF tool eMASS

• Excellent written and verbal communication skills, demonstrating the ability to present material to senior DoD and non-DoD officials.

• Able to communicate effectively with senior leaders and customers to clearly present technical approaches and findings.

• Demonstrated knowledge and understanding of the DoD mission

• Experience with Ports, Protocols, Services Management (PPSM) is desired

Pay Range

$100,000-$115,000 USD

All qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, national origin, age, citizenship, disability, or Veteran status. Additionally, the company provides reasonable accommodations to qualified individuals with disabilities.

• 

• Government Careers