Security Control Assessor (SCA)

The Security Control Assessor will be responsible for aiding in drafting, updating, and maintaining documents, templates, and systems to support compliance with the NIST Risk Management Framework (RMF), as well as other relevant programs. Additionally, the SCA will assist OIT SCAs in supporting and maintaining tools. The contractor will conduct independent assessments of System Security Plans (SSPs) to ensure that they meet all applicable security requirements, and will develop Security Assessment Plans (SAPs) in accordance with NIST SP 800-53Aif applicable.

Key Responsibilities:

• Aid in drafting, updating, and maintaining documents, templates, and systems to support compliance with NIST RMF and other relevant programs.
• Conduct independent assessments of System Security Plans (SSPs) to ensure compliance with applicable security requirements.
• Develop Security Assessment Plans (SAPs) that describe the scope of system assessments.
• Collaborate with internal teams to identify and address security risks and vulnerabilities.
• Provide recommendations for mitigating identified security risks.
• Stay current with industry best practices, regulations, and guidelines related to information security.

Qualifications:

• Bachelor's degree in Information Technology, Computer Science, or a related field.
• Strong understanding of security controls and compliance frameworks.
• Experience conducting security assessments and developing Security Assessment Plans (SAPs).
• Excellent communication and collaboration skills.
• Ability to work independently and as part of a team.
• Attention to detail and strong analytical skills.