Missouri Information Technology Jobs

Jobs.mo.gov mobile logo

Job Information

CENTERPOINT Security Control Assessor (SCA) in St. Louis, Missouri

Customer: Intel Client

CENTERPOINT is seeking a motivated and customer-oriented cybersecurity professional to support our IC client. The candidate will support the client in executing Risk Management Framework (RMF) based Assessment & Authorization (A&A) activities. Specifically, the candidate will support RMF Step 4 and perform security control assessments against a system to determine the extent to which Information System security controls are implemented correctly, operating as intended, and producing the desired outcomes. In addition, the candidate should be able to contribute to the completion of milestones associated with specific projects and provides solutions to a variety of complex technical problems involving security control assessments.

Duties:

Assess Security Controls

Perform Security Control Assessments (SCAs) to determine the extent to which Information System security controls are implemented correctly, operating as intended, and producing the desired outcomes as stated in the NGA Information Assurance Requirements Catalog (IARC.)

Continuous Monitoring

Support NGA's Information System Continuous Monitoring (ISCM) program to ensure information system cybersecurity risk is acceptable throughout the system life cycle.

Desired skills:

  • Experience with RMF, CNSSI 1253, NIST SP 800-53, ICD 503

  • Experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)

  • Experience with utilizing Telos XACTA tool

  • Applies knowledge of Information Assurance Vulnerability Alerts (IAVAs)

  • Applies experience with compliance and vulnerability scanning tools (Nessus, McAfee ePO)

  • Conducts comprehensive security control assessments levied against a system and documenting the results, including recommendations for correcting any weaknesses or deficiencies in the controls

  • Develops a Security Assessment Report (SAR)

  • Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system

  • Performs security control assessments on cloud-based systems (i.e., AWS)

  • Validates closure of liens and update POA&Ms, as applicable

Required Experience: 5+ years of relevant experience as a cyber security control assessor

Certification Requirements:

IAT Level III (CISA, CISSP, CASP, CCNP Security, GCED, GCIH) with CND-AU (CISA, CEH, CySA, GSNA)

Education Requirement: B.S. or relevant experience in related field

Clearance Requirements:

Active TS/SCI

DirectEmployers