Security Control Assessor Representative

Overview

Goldbelt Nighthawk offers sound solutions in software development and both defensive and proactive cybersecurity. Nighthawk offers an integrated, holistic cybersecurity workforce that is enthusiastic, continuously learning, and progressive. The team is fully committed to implementing dynamic cybersecurity solutions that effectively address the needs of customers. Nighthawk’s flexibility and expertise across the cybersecurity field provides customized solutions to our customer's unique needs.

Summary:

The Security Control Assessor - Representative will perform a risk-based review and evaluation A&A process for classified systems to evaluate system security plans (SSPs) leading to an authorization decision.

Responsibilities

Essential Job Functions:

• Maintain expert-level knowledge of all NIST 800-53 Security Controls
• Maintain working knowledge of DoD, DCSA, and NIST RMF guidance and policies
• Perform SSP reviews in accordance with the plan
• Use critical thinking to aid decision-making and highlight paths that will help achieve desired outcomes during risk-based analysis
• Assess SSPs, document the findings, and make recommendations
• Review and evaluate A&A artifacts in submission documentation
• Provide information security services such as system security documentation evaluation and other support activities connected with the implementation of the Risk Management Framework (RMF)
• Evaluate system security package submissions for authorization of classified systems against defined DCSA and Government technical standards.
• Acquire and maintain NISP eMASS account for daily use
• Attend and participate in training on the NISP eMASS tool
• Be familiar with the NIST RMF and be able to process and track packages through the NISP Enterprise Mission Assurance Support Service (eMASS).
• Use NISP eMASS as an approved repository for artifacts and Plans of Action and Milestones (POA&M)
• Provide written documentation for each SSP review that includes:
• A summary of actions taken as part of the review, including dates and names when applicable
• Quantitative measurements that capture and evaluate communications and information technology support, identify trends, and measure performance relative to SSP reviews
• Analysis of the review
• Clear rationale for outcomes and defensible recommendations
• Sufficient information to enable the Government to assess and authorize decisions
  

Qualifications

Necessary Skills and Knowledge:

• Cybersecurity experience
• Proficiency in Microsoft Office Suite
• Working knowledge and skills in eMASS
  
  

Minimum Qualifications:

• Certified at IAT II (CCNA Security, CSA , GICSP, GSEC, Security CE, SSCP)
• 3-5 yrs. experience in information protection, threat protection, architecture, or system security operations
• Approved personnel with Secret clearance
• Pass an employer background check
• Experience in vulnerability and risk assessment, architecture, and network configuration
  
  

Preferred Qualifications:

• Computer Science, information technology or cyber security degree or 5-7 year work experience in IAT I and II environment
• eMASS skills
• Process engineering
  
  

Pay And Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.