What are the responsibilities and job description for the Lead Security Control Assessor position at CVP (Customer Value Partners)?
Job Description
CVP is seeking a Security Control Assessor Lead to join our growing team. This position will lead a team of seven security control assessors to conduct comprehensive assessments of the management, operational, technical and privacy security controls employed within or inherited by an information system. The goal is to lead a team to efficiently manage the workload and provide risk results that determine the overall effectiveness of the controls and the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
The professional in this role will provide an assessment of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities.
Responsibilities
CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation and build a healthy, safe, and equitable world—a future we call What’s Next.
What do we do? We do work that matters like advancing mental and behavioral health, streamlining immigration, and improving access and outcomes for underserved populations including Veterans, people experiencing homelessness, and rural American residents.
How do we do it? Our team of industry experts deliver integrated, innovative solutions in Healthcare Research & Technology, Digital Transformation, Data Science, Cybersecurity, Marketing Communications & Change Management, and Strategy & Transformation.
Why do we do it? Our core values define the CVP culture, guide our decisions, and enable our client-focused mission. We’re relentlessly focused on making a difference and building What’s Next for our clients and their customers.
We believe diversity, equity, and inclusion are essential components of our individual and collective success, and our commitment to hiring and supporting Veterans has earned us three HIRE Vets gold medallions. Join us to start or advance your career with a mission-focused firm transforming healthcare, enhancing security, and making government work better.
Customer Value Partners, LLC is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.
CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation and build a healthy, safe, and equitable world—a future we call What’s Next. What do we do? We do work that matters like advancing mental and behavioral health, streamlining immigration, and improving access and outcomes for underserved populations including Veterans, people experiencing homelessness, and rural American residents. How do we do it? Our team of industry experts deliver integrated, innovative solutions in Healthcare Research & Technology, Digital Transformation, Data Science, Cybersecurity, Marketing Communications & Change Management, and Strategy & Transformation. Why do we do it? Our core values define the CVP culture, guide our decisions, and enable our client-focused mission. We’re relentlessly focused on making a difference and building What’s Next for our clients and their customers. We believe diversity, equity, and inclusion are essential components of our individual and collective success, and our commitment to hiring and supporting Veterans has earned us three HIRE Vets gold medallions. Join us to start or advance your career with a mission-focused firm transforming healthcare, enhancing security, and making government work better. Customer Value Partners, LLC is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.
CVP is seeking a Security Control Assessor Lead to join our growing team. This position will lead a team of seven security control assessors to conduct comprehensive assessments of the management, operational, technical and privacy security controls employed within or inherited by an information system. The goal is to lead a team to efficiently manage the workload and provide risk results that determine the overall effectiveness of the controls and the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
The professional in this role will provide an assessment of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities.
Responsibilities
- Serve as a principal advisor to the Government on all SCA matters, technical and otherwise, involving the security of an Information System (IS)
- Interface with client to understand priorities and risk tolerance, and provide detailed knowledge and expertise
- Lead and prioritize security control assessment tasks of a team of 7 and 100 systems
- Create and manage to agreed upon assessment schedule
- Collaborate and communicate with government clients on topics such as assessment plans, status, and issues.
- Collaborate and communicate with A&A Lead to ensure A&A and SCA teams are working together and on the same page.
- Continue to innovate the way we work – work smarter and faster – introduce new tools, processes, etc.
- Develop and update assessment processes including SOPs, plans, checklists, templates
- Perform reviews of technical security assessments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strategies
- Be able to step in and perform security assessments of information systems to fill gaps, surges, or team members on PTO. This includes:
- Leverage established testing and evaluation techniques and tools
- Complete risk assessments, evaluate security documentation, and provide written recommendations for authorization.
- Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed.
- Advise the government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system.
- Develop, review, endorse, and recommend action for both the Risk Executive and Authorizing Official.
- Conduct tests that include verification that the features and assurances required for each protection level are functional.
- Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed. Open POA&Ms as required.
- Assess changes in the system, its environment, and operational needs that could affect the accreditation.
- Conduct periodic testing of the security posture of the information system.
- Provide expert research and analysis in support of expanding programs and area of responsibility.
- Assess information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
- Support customers at the highest levels in the assessment and implementation remediation of doctrine and policies.
- Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
- Perform analysis of security features for system architectures.
- Continuously provide on-the-job training to the SCA team to ensure they have tools/knowledge and are performing successfully.
- BS Degree in a Computer discipline or BS Degree in management
- At least 3 years of management experience and 10 years of Cybersecurity or Information Assurance experience.
- Possess one of the following certifications – CISM, CISSP or GSLC
- Possess strong understanding of NIST (Common Controls, Inheritance), FISMA and Cloud Environments
- Must be able to obtain a Public Trust government security clearance
- Able to quickly adjust to changing priorities
- Be very comfortable briefing and working with senior client leadership
- Have strong soft skills to manage team and client interactions and issues
- Have strong problem-solving skills to determine how to meet client objectives
- Prior experience as a system or network administrator or security engineer
- Knowledge of Privacy guidelines
- Experience with Security Assessment Tools (Nessus, DBProtect, Wireshark, etc).
- Certified Audit Professional (CAP) and/or Certified information Systems Auditor (CISA)
CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation and build a healthy, safe, and equitable world—a future we call What’s Next.
What do we do? We do work that matters like advancing mental and behavioral health, streamlining immigration, and improving access and outcomes for underserved populations including Veterans, people experiencing homelessness, and rural American residents.
How do we do it? Our team of industry experts deliver integrated, innovative solutions in Healthcare Research & Technology, Digital Transformation, Data Science, Cybersecurity, Marketing Communications & Change Management, and Strategy & Transformation.
Why do we do it? Our core values define the CVP culture, guide our decisions, and enable our client-focused mission. We’re relentlessly focused on making a difference and building What’s Next for our clients and their customers.
We believe diversity, equity, and inclusion are essential components of our individual and collective success, and our commitment to hiring and supporting Veterans has earned us three HIRE Vets gold medallions. Join us to start or advance your career with a mission-focused firm transforming healthcare, enhancing security, and making government work better.
Customer Value Partners, LLC is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.
CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation and build a healthy, safe, and equitable world—a future we call What’s Next. What do we do? We do work that matters like advancing mental and behavioral health, streamlining immigration, and improving access and outcomes for underserved populations including Veterans, people experiencing homelessness, and rural American residents. How do we do it? Our team of industry experts deliver integrated, innovative solutions in Healthcare Research & Technology, Digital Transformation, Data Science, Cybersecurity, Marketing Communications & Change Management, and Strategy & Transformation. Why do we do it? Our core values define the CVP culture, guide our decisions, and enable our client-focused mission. We’re relentlessly focused on making a difference and building What’s Next for our clients and their customers. We believe diversity, equity, and inclusion are essential components of our individual and collective success, and our commitment to hiring and supporting Veterans has earned us three HIRE Vets gold medallions. Join us to start or advance your career with a mission-focused firm transforming healthcare, enhancing security, and making government work better. Customer Value Partners, LLC is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.
