Security Control Assessor (IA Specialist) Lead
Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
* * *
What You’ll Get to Do
Are you looking for a role that will impact protecting our Homeland Security? Do you thrive in Risk Management Framework? And are you a leader who builds teams that always rise to the occasion? If yes, please keep reading!
As the Senior Information Assurance (IA) Specialist, you will be a member of a team in our Assessment & Authorization (A&A) organization responsible for managing all Risk Management Framework activities for the United States Coast Guard (USCG). You’ll also work in a dynamic environment with other Information Assurance professionals.
More About the Role
The Senior Information Assurance Specialist - Lead will be responsible for the following:
- Serve as senior member and representative of assigned team for meetings and efficiently lead internal resources to meet established milestones and targeted completion dates.
- Provide guidance, coaching and training to employees of assigned team.
- Assist in Security Assessment & Authorization Coordination
- Plan and conduct security authorization reviews of federal systems
- Manage and review Accreditation Packages
- Support USCG system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities for assigned systems.
- Provide SME knowledge of Risk Management Framework (RMF) policy and application, NIST Security Controls, and Control Implementation methodologies for the A&A process.
- Review and provide guidance on System Security Plan, Security Assessment Report (SAR), and Plans of Action and Milestones and other security documentation
- Support POA&M remediation activities and the review of POA&M closure documentation.
- Responsible for assessing and developing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical solution.
- Collaborative and communicates with parties within, and outside, of own job function. May have responsibility for communicating with parties external to the organization (e.g., customers, vendors, etc.
- Understands and supports Privacy Compliance Activities to include the review of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).
- Facilitates and monitors information assurance (IA) processes for new projects, including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M).
- Support and/or development of all Security Authorization artifacts and documentation and assembling of Authorization packages.
- Responsible for administration and adherence of the Risk Management Plan.
- Coordinate closely with the Quality Assurance Specialists in identifying and mitigating risk to meet established quality standards.
You’ll Bring These Qualifications
- US Citizenship required
- Minimum of an active DoD Secret clearance required
- University Degree (BA/BS) or equivalent experience and minimum 5 years related work experience
- CSSP-AU: At least one of the DOD 8750 IAT III certifications: CASP+ CE, CCNP Security, CISA, CISSP (or associate), GCED, GCIH, or CCSP
- Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on experience researching, writing, and submitting complete A&A documentation packages for new system authorizations.
- Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.
- Experience with continuous monitoring/ongoing authorization
- Intimate understanding of NIST RMF implementation guidance.
- In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.
- Experience assessing security controls based on cybersecurity principles and tenets. (e.g., NIST SP 800-53, Cybersecurity Framework, etc.).
- Demonstrated understanding of critical documentation required in Security Authorization (SA) Packages.
- Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).
- Experience managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.
- Experience analyzing strategic guidance for issues requiring clarification and/or additional guidance.
- Understanding of the basic concepts and issues related to cyber and its organizational impact.
- Experience as senior or lead member of a team, including experience coaching and providing guidance to less experienced or new team resources, reviewing work products, tracking deadlines, and coverage, reporting, facilitating onboarding/offboarding procedures, etc.
- Experience with administrative planning activities, to include preparation of functional and specific support plans and preparing and managing correspondence.
These Qualifications Would Be Nice to Have:
- Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) process as it relates to Security Assessment and Authorization (SA&A)
- Hands on experience with eMASS
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
-
______________________________________________________________________________
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here.
______________________________________________________________________________
Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.
The proposed salary range for this position is:
$94,400 - $198,300
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.