Cyber Security Control Assessor

Job Description

The Cyber Security Control Assessor is primarily responsible for facilitating the recurring programmatic reviews of the PPPO Information Systems, including their implementation of site System Security Plans (SSPs). This responsibility includes the ability to conduct interviews with site personnel, to appropriately document findings or observations, and to prepare either detailed or executive formal reports for technical IT personnel, or key stakeholders.

Prior operational experience in IT or Cyber Security roles will aid control assessors in conducting successful assessments. The Cyber Security Control Assessor will support the review of PPPO Risk Management Framework (RMF) documentation, including continuous monitoring and annual RMF control reviews across multiple ATO accredited information system boundaries on NIST 800 series compliant systems.

Job Requirements

• Works onsite at either the Portsmouth, Paducah, or Lexington locations with travel (as needed) to the other PPPO sites for assessments and technical reviews.
• Bachelor's degree in an IT- or Cyber-related subject matter area from an accredited college or university, and have a minimum of 5 years of experience in an operational cyber security specific role (e.g. information systems security manager, information system security officer, cyber security specialist), or have a minimum of 10 of experience in an IT related position with at least 5 of those years in performing cyber security specific duties.
• In lieu of a degree, or applicable degree, ten or more years of prior work experience in either an IT or Cyber Security operational role may be considered.
• Possess a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or similar professional certification
• Detailed knowledge of National Institute of Standards and Technology (NIST)
• Ability to conduct cyber security assessments, surveillances, audits, or technical reviews
• Proficiency in Microsoft Office Suite
• Excellent oral and written communication skills.
• Ability to work independently or in a team environment
• Exhibit a high degree of professionalism in the production of deliverables and in interactions with fellow employees and client personnel.

Preferred Qualifications

• At least five (5) years of experience conducting assessments
• Knowledge of industrial control systems and NIST SP 800-82 Guide to Operational Technology.
• Knowledge of National Security Systems, including the Committee on National Security Systems (CNSS) cyber security requirements, and guidance.
• Experience with Governance Risk and Compliance tools such as Reg Scale, Archer, or eMASS

Duration

Direct Hire

Federal Government Clearance

This position may require the ability to obtain a government clearance. This position may require reviews and test for absence of any illegal drugs along with a background investigation by the Federal government in order to obtain an access authorization prior to employment, and may require subsequent reinvestigations may be required.

EEO Employer

Affirmative Action Employer-M/F/Vet/Disab/LGBT

Benefits

ETAS benefits package has been carefully designed to meet the needs of our employees and their families.

These benefits include:

• Major Medical Plan with Prescription Card, Dental Plan, Vision, and Disability Insurance
• Retirement Plan 401(k)
• Employee Stock Ownership Program (ESOP)
• Comprehensive Leave
• Holidays

Pay Rate

Please submit salary or hourly rate requirements along with resume or in a cover letter.

Job Location

Lexington, KY area

Application

Please submit resumes via the web page link. If you meet the above requirements/qualifications, please click the Apply Now button to submit your resume to be considered for this position, as well as added to our national database. We look forward to talking with candidates who have the requisite skills and experience level.