Security Control Accessor - Mid

Summary

Join Arlo Solutions as a Security Control Assessor (SCA) to play a pivotal role in comprehensively understanding the cybersecurity posture of a given capability within CDAO, providing authoritative risk determinations and recommendations critical for the Authorizing Official (AO) to grant an Authority to Operate (ATO).

Requirements

• Must have at least a Public Trust – Secret level clearance preferred
• Bachelor’s degree in computer science/information technology, or other related degree fields (master’s degree is preferred or at least 5 years of related experience)
• At least 5+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus
• At least one IAT/IAM or equivalent security certifications ex. Sec+, CISSP, CCSP, CISM, CISA, or CASP
• Experience working with OSD leadership or Military component or branch
• Understanding of NIST 800 series guidelines, DoDI 8500.01, DoD 8140.03, rISO 27001, COBIT, DoD RMF, OVL, and current cybersecurity best practices
• Excellent communication/presentation skills briefing senior military and government civilian leadership
• Experienced with writing standard operating procedures
• Experience in hands on with eMASS, Xacta and/or other GRC tools
• Experience with Federal and FedRamp A&A Processes

Responsibilities

• Provide the AO with an independent risk assessment of assigned systems and an authorization
• Advise Program Managers on AO determination utilizing OVL documentation
• Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities
• Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program
• Providing support regarding the agile authorization and OVL processes
• Provide independent risk analysis and recommendation
• Collaborate between the AO and the program as well as Program leadership
• Identify the security baseline based on the mission and security impacts to the system
• Determine assessment criteria, develop, review, and create a plan to assess the security requirements
• Assess the security requirements in accordance with the assessment procedures defined in the Security Assessment Plan (SAP)
• Prepare the Security Assessment Report (SAR)
• Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate
• Develop the Risk Recommendation and AO Determination Brief
• Develop a system-level continuous monitoring strategy
• Author and present briefs regarding status of authorizations to AO and other senior Government officials
• Provides security architecture and DoD compliance advisory support