(224) Security Control Accessor

At least 5+ years of cybersecurity experience including a senior technical or management role. Bachelor’s degree in computer science/information technology, or other related degree fields (master’s degree is preferred or at least 5 years of related experience). At least one IAT/IAM or equivalent security certifications ex. Sec+, CISSP, CCSP, CISM, CISA, or CASP. Experience working with OSD leadership or Military component or branch. Understanding of NIST 800 series guidelines, DoDI 8500.01, DoD 8140.03, rISO 27001, COBIT, DoD RMF, OVL, and current cybersecurity best practices. Excellent communication/presentation skills briefing senior military and government civilian leadership. Experienced with writing standard operating procedures. Experience in hands on with eMASS, Xacta and/or other GRC tools. Experience with Federal and FedRamp A&A Processes.

Provide independent risk assessment of assigned systems to the Authorizing Official (AO). Advise Program Managers on AO determination utilizing OVL documentation. Provide senior advisory support to CDAO AO regarding authorizations. Utilize expert knowledge of risk management strategies for a major DoD program. Provide support for agile authorization and OVL processes. Provide independent risk analysis and recommendation. Collaborate between the AO and the program. Identify security baselines based on mission and security impacts. Determine assessment criteria and develop security assessment plans. Assess security requirements per the Security Assessment Plan (SAP). Prepare the Security Assessment Report (SAR). Monitor POAM actions and reassess remediated risks. Develop Risk Recommendation and AO Determination Brief. Develop a system-level continuous monitoring strategy. Author and present authorization status briefs to AO and senior Government officials. Provide security architecture and DoD compliance advisory support.