• A&A Security Control Assessor Manager

    Chenega Corporation (Arlington, VA)


    **Req ID:** 38189

    Summary

    A&A Security Control Assessor Manager

     

    Arlington, VA

     

    Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!

     

    The **A&A Security Control Assessor Manager** specializes in evaluating and approving system interconnections and network connections within the federal environment that specifically support a DARPA technical office. This role focuses on ensuring secure connectivity between systems while maintaining compliance with DoD, JSIG, and IC security requirements.

    Responsibilities

    + Review and assess Authorization to Operate and Authorization to Connect (ATC) packages for system interconnections

    + Evaluate security controls for proposed system connections and data flows

    + Conduct risk assessments for interconnection agreements between systems

    + Develop and maintain System Interconnection Agreements (SIA)

    + Coordinate with network architects and system administrators on secure connection requirements

    + Assess the impact of proposed connections on existing security authorizations

    + Document connection-specific security controls and monitoring requirements

    + Support the development of network security architectures

    + Maintain inventory of authorized system connections and their security status

    + Provide technical guidance on secure network design and implementation

    + Support incident response activities related to network security events

    + Process authorized file transfers (AFTs)

    + Supports the technical office as a cybersecurity advisor on processing connections to enterprise systems

    + Review and evaluate comprehensive Connection Approval Packages (CAP)

    + Assess proposed system architectures for security control implementation

    + Conduct detailed security control assessments for interconnecting systems

    + Develop risk calculations and scoring for CAP packages

    + Develop assessment methodologies

    + Coordinate with multiple stakeholders, including system owners, network administrators, and authorizing officials

    + Ensure compliance with DoD 8510 RMF requirements for system connections

    + Review security documentation, including System Security Plans, risk assessments, and contingency plans

    + Provide technical recommendations for connection approval or conditional approval

    + Support the development of connection-specific monitoring strategies

    + Maintain documentation of approved connections and their security posture

    + Participate in connection approval boards and technical review meetings

    + Other duties as assigned.

    Qualifications

    + Bachelor's degree or higher. Can be substituted for associate’s degree with 2+ years of relevant experience OR

    + High school diploma or GED equivalent with 4+ years relevant experience.

    + 12+ years relevant experience.

    + DOD 8140 IAM Level II (CAP, CASP, CISM, CISSP, GSLC, CCISO).

    + Top-Secret Clearance with SCI eligibility is required.

    Knowledge, Skills and Abilities:

    + Performing work onsite is required.

    + Experience with DARPA network environments and research systems

    + Knowledge of specialized government network architectures (SIPR, NIPR, etc.)

    + Background in network penetration testing or vulnerability assessment

    + Experience conducting assessments on DOD environments

    + Background in system engineering or network architecture

    + Familiarity with automated risk assessment tools and methodologies

    + Working knowledge of DOD Cybersecurity Regulations to include:

    + (U) NIST Federal Information Processing Standard Publication (FIPS) No. 199 "Standards for Security Categorization of Federal Information and Information Systems", February 2004

    + (U) NIST Federal Information Processing Standard Publication (FIPS) No. 200 "Minimum Security requirements for Federal Information and Information Systems", March 2006

    + (U) NIST Special Publication 800-59 “Guideline for Identifying an Information System as a National Security System”, August 2003

    + (U) NIST Special Publication 800-60, Volumes I-II, Revision 1, “Guide for Mapping Types of Information and Information System to Security Categories”, August 2008

    + (U) Committee on National Security Systems Instruction (CNSSI) No. 1253, “Security Categorization and Control Selections for National Security Systems,” current edition

    + (U) NIST Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations,” current edition

    + (U) DoD Instruction 8510.01, “Risk Management Framework (RMF) for DoD Information Technology (IT),” current edition

    + (U) DoD Instruction (DoDI) 8500.01, Cybersecurity, March 14, 2014

    + Joint Special Access Program (SAP) Implementation Guide (JSIG)

     

    How you’ll grow

     

    At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn.

     

    We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.

     

    Benefits

     

    At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.

     

    Learn more about what working at Chenega MIOS can mean for you.

     

    Chenega MIOS’s culture

     

    Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.

     

    Corporate citizenship

     

    Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

     

    Learn more about Chenega’s impact on the world.

     

    Chenega MIOS News- https://chenegamios.com/news/

     

    Tips from your Talent Acquisition Team

     

    We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links:

     

    Chenega MIOS web site - www.chenegamios.com

     

    Glassdoor - https://www.glassdoor.com/Overview/Working-at-Chenega-MIOS-EI\_IE369514.11,23.htm

     

    LinkedIn - https://www.linkedin.com/company/1472684/

     

    Facebook - https://www.facebook.com/chenegamios/

     

    Chenega Corporation and family of companies is an EOE.

     

    Equal Opportunity Employer/Veterans/Disabled

     

    Native preference under PL 93-638.

     

    We participate in the E-Verify Employment Verification Program