Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level incident response and forensic analysis, Hawk's personnel deliver threat analysis and reporting while implementing solutions based on mature planning and development practices.

Summary:

The Security Control Assessor Representative will perform a risk-based review and evaluation A&A process for classified systems to evaluate System Security Plans (SSPs) leading to an authorization decision.

Essential Job Functions:

• Maintain expert-level knowledge of all National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Security Controls
• Maintain working knowledge of Department of Defense (DoD), Defense Counterintelligence Security Agency (DCSA), and NIST Risk Management Framework (RMF) guidance and policies
• Perform SSP reviews in accordance with the plan
• Use critical thinking to aid decision-making and highlight paths that will help achieve desired outcomes during risk-based analysis
• Assess SSPs, document the findings, and make recommendations.
• Review and evaluate Assessment and Authorization (A&A) artifacts in submission documentation
• Provide information security services such as system security documentation evaluation and other support activities connected with the implementation of the Risk Management Framework (RMF)
• Evaluate system security package submissions for authorization of classified systems against defined DCSA and Government technical standards
• Acquire and maintain National Industrial Security Program (NISP) Enterprise Mission Assurance Support Service (eMASS) account for daily use
• Attend and participate in training on the NISP eMASS tool
• Be familiar with the NIST RMF and be able to process and track packages through the NISP eMASS
• Use NISP eMASS as an approved repository for artifacts and Plans of Action and Milestones (POA&M)
• Provide written documentation for each SSP review that includes:
• A summary of actions taken as part of the review, including dates and names when applicable
• Quantitative measurements that capture and evaluate communications and information technology support, identify trends and measure performance relative to SSP reviews
• Analysis of the review
• A clear rationale for outcomes and defensible
• recommendations
• Sufficient information to enable the Government to assess and authorize decisions

Necessary Skills and Knowledge:

• Proficiency in Microsoft Office Suite
• Solid client service, time management, and leadership skills as well as written and verbal communication skills

Minimum Qualifications:

• Minimum 2 years of Cybersecurity experience
• Certified at IAT Level II (CCNA Security, CSA+, GICSP, GSEC, Security+ CE, SSCP)
• Must be a U.S. Citizen
• Pass an employer background check
• Active Secret clearance

Preferred Qualifications:

• BA or BS degree in Information Technology or Engineering preferred