Senior Security Control Assessor with TS/SCI
Company: Information Management Group, Inc.
Location: Chantilly
Posted on: January 26, 2023
Job Description:
Founded in 1987, IMG is a leading small business that
exemplifies competence, integrity and follow-through. We
consistently provide customer focused professional services, which
ensures our company is recognized for continually exceeding
expectations. We believe that at the core of our success stand our
people. Our people have provided professional services in the
Information Technology field for our customers with a commitment to
customer satisfaction for nearly 35 years.IMG is hiring a full-time
Senior Security Control Assessor with TS/SCI at it's Chantilly, VA
location. A Security Control Assessor (SCA) is an information
security professional that provides information security Assessment
and Authorization (A&A) support throughout an NRO programs
lifecycle to Contractor and Government facilities processing NRO
information. SCAs enhance the Information System (IS) security
awareness of Directorates' & Offices' staffs, ensure that proper IS
security resources are appropriately applied, and act as an IS
liaison between the Directorates & Offices and OS&CI.SCA tasks
shall include:
- Review information systems for compliance with applicable DCID,
ICD, and NRO directives and guidance, and make recommendations to
the USG;
- Provide IS security advice and guidance in accordance with
applicable DCID, ICD, and NRO directives and guidance to Government
and industry partners for the protection of data at all
classification levels including SCI;
- Provide IS technical guidance and support in preparing
responses for USG approval to A&A questions asked by Government
and industry partners;
- Evaluate and recommend approval, disapproval, or waiver(s) for
IS processing national security data at industry and/or Government
facilities;
- Support NRO Securitys development and implementation of
directives and guidance for NRO Information Assurance, Information
Technology, and Information Management policies;
- Provide input to NRO for consideration in the promulgation of
future NRO IS security policy;
- Support and/or conduct site visits and assessments to inspect
and verify IS reports and plans at industrial and Government
locations as approved by the cognizant COTR or site Government
Point of Contact (GPOC), and provide a written report for review
and approval by the Government;
- Prepare reports and memoranda, to include, but not limited to:
Memoranda for the Record (MFR), Memoranda of Agreement (MOA),
Authorization To Proceed, and status and technical briefs for
review and approval by the Government;
- Update data and maintain Government-provided databases with
current information about Government and industry IS status and
representative contact information;
- Prepare, review, and record notification and status messages to
indicate A&A state of systems to system owner or programs in a
format approved by the Government;
- Ensure that appropriate IS security requirements including
applicable DCID, ICD, and NRO directives and guidance are addressed
and applied and that appropriate documentation is prepared by the
system owners or programs. The documentation will be contained in
the Security Assessment Package, including, but not limited to the
Concept of Operations (CONOPS) Plan, System Security Plans, System
Requirements Traceability Matrix, Risk Management Matrix, Test
Results, interface control documents, requests for changes, test
plans, and other related program security documentation;
- Track completion of the Security Assessment Report (SAR);
- Support the preparation of the SAR, including, but not limited
to, the Summary of Assessment results and Authorization
Recommendation;
- Review, coordinate, and respond to IS security issues as
requested by the Government;
- Be required to perform short term (less than 90 days) CONUS and
OCONUS travel to conduct site security inspections when approved by
the COTR;
- Provide A&A support to the Government for the protection of
special programs and tactical operations related activities.
- Ensure these documents are reported via the Data Accession List
(CDRL A008)Clearance Required: TS/SCI required for consideration.
Must be able to obtain CI Poly before starting.Baseline
Certification: Must possess and maintain, or obtain within six
months from their arrival date, professional Information Security
(IS) certification(s) appropriate for the level of duty and
responsibility of their position. Education/Experience:
- Intermediate Level:
- Masters or Bachelors degree and 10 years of experience OR
- Associates degree or HS Dipolma and 15 years of
experienceDesired Qualifications:
- Education relevant to computer engineering, information
security, information management, and/or computer science;
- Experience in technical project management.
- Practical experience performing information systems assessment
and authorization (A&A) as defined in applicable ICDs and
guidance;
- Practical experience performing the processes involved in
developing and implementing security related directives and
guidance for Information Assurance, Information Technology, and
Information Management;
- Practical experience utilizing risk management strategies for
information technology solutions;
- Technical understanding of emerging technologies and their
implementation within Government system and network
environments;
- Knowledge of information technology concepts used in the
evaluation of security performance and integrity of
state-of-the-art applications, communications systems, hardware,
software, satellite control systems, and information processing
systems;
- Technical understanding of information technology systems,
software, and networks;
- Ability to effectively coordinate A&A activities of
industry and Government information systems to meet acquisition
milestone requirements; and
- Effective technical report and general correspondence writing
ability.
- Ability to manage and track systems or programs involved in the
A&A process.
- Experience developing and implementing security related
directives and guidance for Information Assurance, Information
Technology, and Information Management; and
- Experience working with a mixed skill level team to ensure that
appropriate knowledge and skill transfer occurs.
- Ability to simultaneously manage and track multiple large scale
systems or programs involved in the A&A process;
- Experience developing and implementing security related
directives and guidance for Information Assurance, Information
Technology, and Information Management;
- In-Depth Technical understanding of information technology
systems, software, and networks;
- Effective technical report and general correspondence writing
ability.COVID-19 Regulations: As required by Executive Order 14042
and the guidance provided by the Federal Workforce Task Force, all
federal contractor employees are required to be fully compliant
with customer COVID-19 regulations. IMG will provide additional
information regarding these requirements and how you can request an
exception if needed.IMG COMPANY BENEFITS
- Health, dental, vision, and life insurance
- Short term and long term disability insurance
- 401(k) with generous company match
- Flexible Spending Accounts (FSA) and Health Savings Accounts
(HSA)
- 15 days of personal leave plus paid federal holidays
- Professional development and training assistanceInformation
Management Group, Inc. is an equal opportunity employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, sexual orientation,
gender identity, national origin, disability or veteran status.USD
$166,355.58/Yr.ID: 2022-4867 External Company Name: IMG Information
Management Group, Inc. Telecommute: No
Keywords: Information Management Group, Inc., Chantilly , Senior Security Control Assessor with TS/SCI, Other , Chantilly, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...