Today
Top Secret
Unspecified
Unspecified
Security
Ramstein Air Base, Germany (On-Site/Office)
Job Description Summary:
The Security Control Assessor-Representative (SCAR) provides support for USAFE/AFAFRICA in implementing and conducting operations for all phases of the Risk Management Framework (RMF) for Information Systems and Organizations.
Location: Ramstein Air Base, Germany
Job Description: The SCAR:
Minimum/General Experience: Minimum of 12 years experience, of which at least eight years must be specialized experience in defining computer security requirements for high level applications, evaluation of approved security product capabilities and resolution of computer security problems.
Required Specialized Training:
https://csrc.nist.gov/Projects/risk-management/rmf-courses
https://cyber.mil/training/dod-authorizing-official-ao/
https://cyber.mil/training/enterprise-mission-assurance-support-service-emass-cbt/
https://cyber.mil/training/identifying-and-safeguarding-personally-identifiable-information-pii/
Certifications:
Preferred Qualifications:
Clearance: Top Secret with SCI Eligibility
Minimum Education: A Bachelor's degree in computer science/systems, information systems/technology, engineering/engineering technology, software engineering/programming, management, natural sciences, social sciences, mathematics or business/finance.
Education and experience requirements may be substituted with:
GDIT IS YOUR PLACE:
• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays
Work Requirements
The Security Control Assessor-Representative (SCAR) provides support for USAFE/AFAFRICA in implementing and conducting operations for all phases of the Risk Management Framework (RMF) for Information Systems and Organizations.
Location: Ramstein Air Base, Germany
Job Description: The SCAR:
- Provides USAFE/AFAFRICA and its mission partners with innovative cybersecurity and testing services that comply with the RMF requirements.
- Performs RMF assessments for assigned systems, Authority-To-Connect assessments, and Cross-Domain Solution reviews/assessments.
- Documents and manages assessments as projects, in addition to non-assessment projects.
- Assists USAFE/AFAFRICA and its mission partners with Authority to Operate (ATO) and the AF Fast Track ATO processes.
- Manages eMASS user accounts (i.e., add, delete, and assign/update roles) for USAFE/AFARICA's instance of eMASS.
- Creates and processes authorization packages.
- Tracks status of checklists and packages from submission through Authorizing Official approval or disapproval decision.
Minimum/General Experience: Minimum of 12 years experience, of which at least eight years must be specialized experience in defining computer security requirements for high level applications, evaluation of approved security product capabilities and resolution of computer security problems.
- Two (2) years' experience performing assessments and accreditation (A&A) as a SCAR under RMF.
- Experience using all tools and processes under RMF.
- Experience utilizing eMASS collaboration tool.
- Project Management experience and skills sufficient to effectively plan, communicate, execute systems assessments and improve project management tools and templates.
- Experience preparing, providing and delivering concise and effective written, verbal, and presentation communications at all levels from technicians to General Officers/Civilian Senior Executive levels.
- General Information Technology (IT) experience and knowledge sufficient to effectively assess IT systems against security controls.
Required Specialized Training:
- NIST Risk Management Framework:
https://csrc.nist.gov/Projects/risk-management/rmf-courses
- DoD Authorizing Official Training:
https://cyber.mil/training/dod-authorizing-official-ao/
- Enterprise Mission Assurance Support Service (eMASS) 5.10.0:
https://cyber.mil/training/enterprise-mission-assurance-support-service-emass-cbt/
- Identifying and Safeguarding Personally Identifiable Information (PII):
https://cyber.mil/training/identifying-and-safeguarding-personally-identifiable-information-pii/
Certifications:
- TESA eligibility/certification required.
- Possess and maintain Cybersecurity Baseline Information Assurance Management (IAM) Level III certification (ISC2 CISSP, ISACA CISM or equivalent)
- Possess and maintain Risk Management assessment ISC2 Governance, Risk, and Compliance Certification (CGRC), ISACA Certified Information Systems Auditor (CISA), or equivalent (preferred to have on start date; may acquire within 6 months of start)
Preferred Qualifications:
- Project Manager Professional (PMP) Certification
- Strong communications and leadership skills, experience in project planning and execution, and knowledge of project management methodologies
Clearance: Top Secret with SCI Eligibility
Minimum Education: A Bachelor's degree in computer science/systems, information systems/technology, engineering/engineering technology, software engineering/programming, management, natural sciences, social sciences, mathematics or business/finance.
Education and experience requirements may be substituted with:
- BA/BS + 12 yrs exp (8 specialized) OR
- MA/MS + 8 yrs exp (7 specialized) OR
- Ph.D. + 6 yrs exp (2 specialized) OR
- No Degree + 13 yrs exp (7 specialized)
GDIT IS YOUR PLACE:
• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays
Work Requirements
group id: 90979310
Explore the Art of the Possible | GDIT
