Cyber Security Control Assessor

Overview

Cyber Security Control Assessor

Location:

Paducah. Division: PPPO DOE Contract. Duration:
Direct Hire.

Pro2

Serve is an Equal Opportunity Employer (Minorities/Females/Disabled/Veterans). To read more about this, view the EEO is the Law poster and this EEO is the Law Poster Supplement. Pay Transparency Statement.

The Cyber Security Control Assessor is primarily responsible for facilitating the recurring programmatic reviews of the PPPO Information Systems, including their implementation of site System Security Plans (SSPs). This responsibility includes the ability to conduct interviews with site personnel, to appropriately document findings or observations, and to prepare either detailed or executive formal reports for technical IT personnel, or key stakeholders.

Prior operational experience in IT or Cyber Security roles will aid control assessors in conducting successful assessments. The Cyber Security Control Assessor will support the review of PPPO Risk Management Framework (RMF) documentation, including continuous monitoring and annual RMF control reviews across multiple ATO accredited information system boundaries on NIST 800 series compliant systems.

• Works onsite at either the Portsmouth, Paducah, or Lexington locations with travel (as needed) to the other PPPO sites for assessments and technical reviews.
• Bachelor's degree in an IT- or Cyber-related subject matter area from an accredited college or university, and have a minimum of 5 years of experience in an operational cyber security specific role (e.g. information systems security manager, information system security officer, cyber security specialist), or have a minimum of 10 years of experience in an IT related position with at least 5 of those years in performing cyber security specific duties.
• In lieu of a degree, or applicable degree, ten or more years of prior work experience in either an IT or Cyber Security operational role may be considered.
• Possess a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar professional certification
• Detailed knowledge of National Institute of Standards and Technology (NIST)
• Ability to conduct cyber security assessments, surveillances, audits, or technical reviews
• Proficiency in Microsoft Office Suite
• Excellent oral and written communication skills
• Ability to work independently or in a team environment
• Exhibit a high degree of professionalism in the production of deliverables and in interactions with fellow employees and client personnel

• At least five (5) years of experience conducting assessments
• Knowledge of industrial control systems and NIST SP 800-82 Guide to Operational Technology
• Knowledge of National Security Systems, including CNSS cyber security requirements and guidance
• Experience with Governance Risk and Compliance tools such as Reg Scale, Archer, or eMASS

Direct Hire

This position may require the ability to obtain a government clearance. This may require reviews and tests for absence of any illegal drugs along with a background investigation by the Federal government in order to obtain an access authorization prior to employment, and may require subsequent reinvestigations.

Affirmative Action Employer-M/F/Vet/Disab/LGBT

ETAS benefits package has been carefully designed to meet the needs of our employees and their families. These benefits include:

• Major Medical Plan with Prescription Card, Dental Plan, Vision, and Disability Insurance
• Retirement Plan 401(k)
• Employee Stock Ownership Program (ESOP)
• Comprehensive Leave
• Holidays

Please submit salary or hourly rate requirements along with resume or in a cover letter.

Paducah, KY area

Please submit resumes via the web page link. If you meet the above requirements/qualifications, please click the Apply Now button to submit your resume to be considered for this position. We look forward to talking with candidates who have the requisite skills and experience level.