Security Control Access
Posted on Jun 14, 2019 by Perspecta
Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselves-to respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers.
Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways-not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter.
Perspecta's talented and robust workforce-14,000 strong-stands ready to welcome you to the team. Let's make an impact together.
Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories
- Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
- Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
- Applies knowledge of Information Assurance Vulnerability Alerts (IAVAs)
- Determines if vulnerabilities exist and, if found, what mitigating strategies can be applied
- Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation, including system level attacks and user level attacks
- Coordinates planning, scheduling, and testing of projects in the Assessment and Authorization (A&A) process
- Develops and documents security evaluation test plans and procedures
- Conducts hands on security testing, analyzes results, documents risks, and recommends countermeasures
- Advises and assists with the Lifecycle Assessment and Authorization (A&A) process and development of Systems Security Plan (SSP)
- Coordinates A&A actions and system testing with appropriate security personnel
- Develop risk assessments, recommend mitigating countermeasures, and write short, succinct risk assessment and certification reports for submission to the Chief Information Officer
- Applies knowledge of Certification Testing protocol for TS/SCI Information Systems and Applications
- Applies working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process
- Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation
- Applies experience in developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations and instructions
- Demonstrate experience providing threat analysis based on identified security vulnerabilities
- Applies experience with compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners
- Active TS/SCI w/Poly
- Bachelor's Degree with 12 years of experience or a Master's Degree with 10 years, High School Diploma/GED with 16 years, or Associates Degree with 14 years
- Provides technical / management leadership on major tasks or technology assignments.
- Establishes goals and plans that meet project objectives.
- Has domain and expert technical knowledge.
- Directs and controls activities for a client, having overall responsibility for financial management, methods, and staffing to ensure that technical requirements are met.
- Interactions involve client negotiations and interfacing with senior management.
- Decision making and domain knowledge may have a critical impact on overall project implementation.
- May supervise others.