What are the responsibilities and job description for the ISSO/Security Control Assessor (Government/Public Trust Clearance) – Onsite position at Peyton Resource Group?
- 6 month Contract-to-Hire
- Contract Rate: $55-67/hr on W2
- Salary Conversion: $140-145K, DOE
- **ONSITE work is REQUIRED (5 days/week)**
- Location: Downtown Washington DC OR Herndon, VA
- Must be a US Citizen or Green Card/Permanent Resident
- Ability to obtain a Public Trust Clearance is required
KEYS:
- Hybrid/dual ISSO/Security Control Assessor role (should have experience doing both)
- Creating system security documentation from scratch (ISSO); making sure controls in place work, etc.
- Solid understanding of NIST SP 800-53 Rev 5 security controls
- 7 years of experience
- Excellent communicator, proactive, able to work independently, solution-driven, able to interface/communicate with non-technical individuals
- Ability to lead & influence (without being in a “manager” role)
- Prior government/federal agency experience
Summary:
The ISSO/SCA works with system owners to develop all required security documentation for assigned systems including System Categorization, Risk Assessment, System Security Plan, Contingency Plan, Interconnection Security Agreement, ATO package, etc.
Responsibilities include, but are not limited to:
- Continuously conduct and document security risk assessments (i.e. SCAs)
- Develop and maintain System Security Plans and keep implementation statements up to date in the GRC Tool (Archer).
- Test, assess, and document security control effectiveness.
- Develop and perform periodic testing of contingency/DR plans and incident response plans.
- Review, analyze, and coordinate remediation of vulnerability scans and other vulnerability information.
- Review and coordinate the remediation of control deficiencies and audit findings.
- Maintain Plans of Actions and Milestones (POA&Ms) in the Archer GRC Tool and provide timely updates on their status.
- Assist with developing and reviewing Interconnection Security Agreements and Memoranda of Understanding.
Qualifications include, but are not limited to:
- 7 years of relevant ISSO and Security Controls experience, preferably with a US Government/Federal agency
- Experience performing the full cycle of system Assessment and Accreditation (A&A) activities, including ISSO and Security Control Assessment duties.
- Solid understanding of the National Institute of Standards and Technology (NIST) SP 800-53 Rev 5 security controls and the Risk Management Framework (RMF).
- Experience with Enterprise GRC Tools (Archer GRC); experience with similar tools like CSAM or others is acceptable.
- Experience developing and maintaining system security documentation, including but not limited to System Security Plans, Security Assessment Reports, Contingency Plans, and Interconnection Security Agreements.
- Ability to identify and assess risks and recommend appropriate remediation strategies.
- Experience developing and updating Plans of Actions and Milestones (POA&Ms) and overseeing efforts to rectify issues found as a result of security vulnerabilities and security controls analysis.
- Strong technical background with a strong understanding of network architectures and communications, operating systems, web platforms, and databases.
About PRG
With 20 years of success in the staffing industry, Peyton Resource Group focuses on matching talent to the precise needs of our clients. Your success is our commitment, and we back up that commitment by only recommending opportunities that align with your goals. Our candidate-centric approach ensures you are in the driver’s seat of your career, and our team of recruiters will partner with you and support you every step of the way.
PRG’s dedication to service has been widely recognized throughout the industry. PRG has been awarded ClearlyRated’s Best of Staffing award for 10 straight years, as well as the Business Journal’s Best Places to Work in Dallas, San Antonio and Austin.
Salary: $135,000 - $145,000