Security Control Assessor (SCA) Professional- Level I

Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.

Arcfield's Cyber programs are expanding and are currently in need of Level I-Security Control Assessor (SCA) professionals to support Risk Management Framework (RMF) workflows, performing comprehensive INFOSEC assessment of management, operational, and technical security controls to determine overall effectiveness of the controls for A&A determination throughout an NRO program's system lifecycle. SCAs provide an assessment of the severity of weakness or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities. Note: An offer for this position is contingent upon contract award.

Responsibilities include, but are not limited to:

• Review and assess information systems (IS) for compliance with IC, DoD, and ND guidelines
• Provide IS security advice and guidance to government and industry partners
• Advise Information System Owners (ISO) on confidentiality, integrity, and availability impact values
• Offer technical guidance for Authorization and Accreditation (A&A) responses
• Evaluate IS threats and vulnerabilities, recommending additional safeguards as needed
• Support development and implementation of NRO IT-IA-IM policies
• Contribute to future NRO IS security policy development
• Conduct site visits and assessments, prepare written reports for government approval
• Ensure completion of security control assessments for each IS
• Support RMF process-related presentations, briefings, and reports
• Utilize NRO's RMF system of record for workflow duties and documentation
• Track and report on RMF process workflow activities and metrics
• Prepare Security Assessment Reports (SARs) and Authorization Recommendations
• Collaborate on Plans of Action and Milestones (POAMs) based on assessment findings
• Review and approve IS Security Assessment Plans
• Address security issues as requested by the government
• Support A&A for special programs and tactical operations
• Conduct reviews and write reports for ISAP or TISSRs
• Verify proper implementation and documentation of security controls in System Security Plans (SSPs)
• Assess severity of identified weaknesses and recommend corrective actions
• Act as IS liaison between Directorates and Offices (Ds&Os) and COMM

Required:

• BS 0-2 years
• Must possess and have the ability maintain a TS/SCI w Poly
• Certifications:
  • CAP
  • GSLC
  • Security+ CE
  • GSEC
  • Security+
  • A+
• SCA experience
• Relevant experience in technical project management
• Basic IS security knowledge
• Familiarity with IA concepts
• Ability to review and recommend vulnerability and risk levels associated with SW and HW products
• Ability to provide basic IA support to SCA Levels 2 - 4 personnel in the conduct of assessment actions

Desired:

• Education relevant to computer engineering, INFOSEC, cyber security, information management, and/or computer science
• BA/BS or higher STEM degree

We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.