Be on Alert – Fraudulent Employment Offers. Learn More
Assessment and Authorization Support Specialist (Remote Assessment)
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.
As a member on the Security Control Assessment – Validator (SCA-V) team, this specialist will have experience in planning, analyzing, documenting, and reporting activities associated with the system security assessment process. This Remote Assessment Liaison will support the assessment team by evaluating compliance of Cybersecurity Service Provider (CSSP) customers.
- Performing comprehensive security assessments using the Department of Defense (DoD) Risk Management Framework (RMF) process.
- Utilize knowledge of Confidentiality, Integrity and Availability (CIA) levels, Classification Levels (CL) and the NIST 800.53 IA controls associated with each level.
- Analyzing network and IA systems in unclassified and classified environments for compliance with DoD, and US Army (AR 25-2) security configuration requirements and industry best practices.
- Responsible for technical review, subset of policy as it relates to the network, system and network diagrams, descriptions, SOPs, compiling and generating deliverables (Risk assessment, findings, and slide presentation).
- Reviewing technical IA Controls with the customer for specific applicability and compliancy.
- Conducting Security Tests and Evaluation (ST&E) for Accreditation or re-accreditation.
- Analyzing ST&E results; assess, determine, and describe risks associated with the results.
- Conducting Vulnerability and Risk Assessments; these processes may include scanning with authorized DoD tools and/or scripts (Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Security Readiness Review (SRR) scripts, Security Content Automation Protocol (SCAP).
- Review and document results from conducted vulnerability, risk assessments, and scanning tools.
- Responsible for administrative functions related to Cybersecurity Service Provider (CSSP) customer assessments
- Understanding of DISA Security Technical Implementation Guides (STIGs).
- Knowledge of Enterprise Mission Assurance Support Service (eMASS).
- Knowledge of DoD and Army policies, regulations, and guidelines.
- Ability to travel to support on-site technical assessments 25% of the time.
- Minimum 8 years of working experience in Information Systems including Information Technology/ cybersecurity
- 5 years’ experience performing comprehensive security assessments using the Risk Management Framework (RMF)
- Technical background in networking, system engineering, database administration, web application or software development
- Minimum 3-5 years of working experience configuring, troubleshooting, and or securing networking devices (routers, switches, firewalls, Intrusion Detection)
- Experience analyzing Information Assurance systems in unclassified and classified environments for compliance
- Experience in planning, analyzing, documenting, and reporting activities associated with the system security accreditation and authorization (A&A) process
- Knowledge of NIST, CNSS, DoD, and Army policies, regulations, and guidelines
- General knowledge and understanding of the Command Cyber Readiness Inspection (CCRI) process
- Bachelors’ Degree or equivalent work experience
- Active Security Clearance with ability to upgrade to a High Level Clearance
- Ability to obtain required DoD 8570 IAT/CSSP certification prior to start
- 25% travel
- Excellent verbal, interpersonal and written communication skills.
- Strong analytical, problem-solving and decision making capabilities.
- Team player with the ability to work in a fast-paced environment.
- Ability to multi-task in a fast-pasted environment and to work independently.
ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity)
Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email firstname.lastname@example.org and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Maryland Client Office (MD88)