Security Control Assessor (SCA)

LSINC is a workplace that is compliant with Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors.

The SCA's primary function will include working within Special Access Programs (SAPs) to provide the Government advice and management of security of Information Systems (IS) directly under their purview in accordance with Federal Government and Department of Defense (DoD) Cybersecurity policies/ instructions, using the JSIG as the overlaying standard. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

Responsibilities include, but are not limited to:

• Conducting information systems security assessments on behalf of the Authorizing Official (AO) in accordance with the Federal Government and Department of Defense (DoD) Cybersecurity policies/instructions using the Joint Special Access Program SAP Implementation Guide (JSIG)
• Conducting comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an information system (IS) to determine the overall effectiveness of the controls
• Assessing the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities to the ISO and AO
• Advising the Information System Owner (ISO), the responsible Information System Security Manager (ISSM), and the Program Security Officer (PSO) concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system
• Evaluating threats and vulnerabilities to IS to ascertain the need for additional safeguards
• Reviewing and approving the IS security-related documentation
• Ensuring security assessments are completed for each IS and prepare the final Security Assessment Report (SAR)
• Initiating, if required, a Plan of Action & Milestones (POA&M) with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR
• Evaluating security assessment documentation and providing written recommendations for security authorization to the AO
• Developing recommendations for authorization and submitting the security authorization packages to the AO
• Assessing proposed changes to ISs, their environment of operation, and mission needs that could affect system authorization
• Providing assistance to the appointed ISSM and/or center ISSOs in the enforcement of Federal Government and Department of Defense (DoD) Cybersecurity policies/ instructions, using the JSIG as the overlaying standard
• Conducting and documenting inspections to ensure all necessary physical security features are in place, environmental requirements are being and providing documentation to the ISSM
• Conducting audits on all relevant systems and submit reports to the ISSM and AO to ensure proper configuration and vulnerability management policies are being properly documented and adhered to
• Gathering or preparing documentation for inclusion into IS security-related plans or bodies of evidence to be used in assessments
• Conducting IS security-related initial and annual refresher briefings.

Basic Qualifications:

• 3-5 years related experience
• Bachelor's degree in a related area or equivalent experience (4 years)
• Must possess CompTIA Security+ or Certified Information Systems Security Professional (CISSP)
• Must have completed Introduction to the Risk Management Framework RMF course (CS124.16) or be able to complete within 60 days of start date.

Security Clearance Requirements:

• Current Top Secret Clearance with SCI Eligibility
• Eligibility for access to Special Access Program Information

Preferred Qualifications:

• Must be familiar with current security policy/manuals
• Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)
• Possess a high degree of originality, creativity, initiative requiring minimal supervision
• Willingness to travel within the organizational geographic Area of Responsibility (AOR)

Physical Requirements:

• Must be able to lift up to 50 lbs., climb stairs, ladders, and enter crawl spaces (both above ceiling and below raised floors) to conduct physical inspection of designated security areas and building spaces.
• Must be able to remain in a stationary position 50% of the time
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.

LSINC is an equal employment opportunity employer. Employment decisions are based on merit and business needs, and not on race, color, national origin, gender, age, religion, physical or mental disability, genetic information, sexual orientation, gender identity, marital status, veteran status, political affiliation, or any other factor protected by law. If you require a reasonable accommodation to apply for a position with LSINC Corporation through our online applicant system please email {apply below} for assistance. Minorities, females, disabled and protected veterans are urged to apply.

Recommended Skills

• Assessments
• Auditing
• Certified Information Systems Security Professional
• Comp Tia Security+
• Computer Security
• Confidentiality