Security Control Assessor IV (SCA)

Description

The Security Control Assessor (SCA) provides information security Assessment and Authorization (A&A) support throughout the client's program's lifecycle to the Contractor and Government facilities to process the client's information. SCAs enhance the Information System (IS) security awareness of Directorates' & Offices' staffs, ensure that proper IS security resources are appropriately applied and act as an IS liaison between the Directorates & Offices and OS&CI.

The SCA Level IV duties include, but are not limited to the following:

• The SCA shall review information systems for compliance with applicable DCID, ICD, and client's directives and guidance, and make recommendations to the USG.
• Provide IS security advice and guidance following applicable DCID, ICD, and client's directives and guidance to Government and industry partners for the protection of data at all classification levels including SCI.
• Provide IS technical guidance and support in preparing responses for USG approval to A&A questions asked by Government and industry partners.
• Evaluate and recommend approval, disapproval, or waiver(s) for IS processing national security data at industry and/or Government facilities.
• Support client's Security development and implementation of directives and guidance for client's Information Assurance, Information Technology, and Information Management policies.
• Provide input to NRO for consideration in the promulgation of future clients' IS security policy.
• Support and/or conduct site visits and assessments to inspect and verify IS reports and plans at industrial and Government locations as approved by the cognizant COTR or site Government Point of Contact (GPOC) and provide a written report for review and approval by the Government.
• Prepare reports and memoranda, to include, but not limited to Memoranda for the Record (MFR), Memoranda of Agreement (MOA), Authorization To Proceed, and status and technical briefs for review and approval by the Government.
• Update data and maintain Government-provided databases with current information about Government and industry IS status and representative contact information.
• Prepare, review, and record notification and status messages to indicate the A&A state of systems to system owners or programs in a format approved by the Government.
• The contractor shall ensure that appropriate IS security requirements including applicable DCID, ICD, and NRO directives and guidance are addressed and applied and that appropriate documentation is prepared by the system owners or programs. The documentation will be contained in the Security Assessment Package, including, but not limited to the Concept of Operations (CONOPS) Plan, System Security Plans, System Requirements Traceability Matrix, Risk Management Matrix, Test Results, interface control documents, requests for changes, test plans, and other related program security documentation.
• Track completion of the Security Assessment Report (SAR).
• Support the preparation of the SAR, including, but not limited to, the Summary of Assessment results and Authorization Recommendation.
• Review, coordinate, and respond to IS security issues as requested by the Government.
• Perform short-term (less than 90 days) CONUS and OCONUS travel to conduct site security inspections when approved by the COTR.
• Provide A&A support to the Government for the protection of special programs and tactical operations-related activities.
• The contractor shall ensure these documents are reported via the Data Accession List (CDRL A008)

Required Skills (Knowledge, Skills, Abilities)

• Ability to simultaneously manage and track multiple large-scale systems or programs involved in the A&A process.
• Experience developing and implementing security-related directives and guidance for Information Assurance, Information Technology, and Information Management.
• In-Depth Technical understanding of information technology systems, software, and networks.
• Effective technical report and general correspondence writing ability.
• Ability to manage and track systems or programs involved in the A&A process.
• Experience developing and implementing security-related directives and guidance for Information Assurance, Information Technology, and Information Management; and
• Experience working with a mixed skill level team to ensure that appropriate knowledge and skill transfer occurs.
• Practical experience performing information systems assessment and authorization (A&A) as defined in applicable ICDs and guidance.
• Practical experience performing the processes involved in developing and implementing security-related directives and guidance for Information Assurance, Information Technology, and Information Management.
• Practical experience utilizing risk management strategies for information technology solutions.
• Technical understanding of emerging technologies and their implementation within Government system and network environments.
• Knowledge of information technology concepts used in the evaluation of security performance and integrity of state-of-the-art applications, communications systems, hardware, software, satellite control systems, and information processing systems.
• Technical understanding of information technology systems, software, and networks.
• Ability to effectively coordinateA&A activities of industry and Government information systemsto meet acquisition milestone requirements; and
• Effective technical report and general correspondence writing ability.
• Strong leadership skills and the ability to develop/lead a high performing team focused on the customer's mission
• Strong business acumen with analytical / metrics capabilities.
• Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel, and industry partners
• Proficiency with MS Office Suite (MS Word, Excel, PowerPoint, and Outlook)

Professional & Cultural Characteristics

• Available to work before/after typical office hours
• A credible and savvy business professional who is seen as a trusted advisor and functional expert to senior management.
• Proactive and assertive professional who leads by example.
• Leads with humility and can engender trust and respect quickly with a reputation for their willingness and ability to roll-up sleeves to get things done.
• Vibrant, high-energy, and performance-driven individual who possesses the fortitude to address challenging scenarios.
• Continuous learner who is always seeking to improve and constantly evaluating industry thought leadership.
• A high achiever and independent self-starter with an exceptional track record of success who wants to be with a company that believes that people and culture are its greatest asset.

Required Certification

• Appropriate IAM/IAT Level 3 Certification

Clearance

• Top Secret clearance, eligible for Special Compartmented Information, with CI Polygraph

Years of Experience/Education Requirements

• Individuals must have a minimum of a bachelor's degree in Engineering, Computer Science, or related field of study, and/or computer science with 10 years of information security and information assurance experience.

Desired Skills (Knowledge, Skills, Abilities)

• Education relevant to computer engineering, information security, information management, and/or computer science; and
• Experience in technical project management.

Travel

• Must be willing to travel short term (less than (90 days)

Additional Information

• This job description is not designed to cover or contain all job duties required of the employee. There may be additional activities, duties, and/or responsibilities that are required for this position that is not listed in this job description.
• A "key position" is considered an essential position to the work being performed in support of the contract. Not all positions are considered key.
• In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
• System High is a Military friendly employer. Our extensive work on behalf of the U.S. government offers those who have served in uniform an opportunity to continue to serve their country in a new and exciting way while enjoying a successful civilian career.
• System High Corporation is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. EEO is the Law