Assessment And Authorization - Technical Support Specialist
As a member on the Security Control Assessment – Validator (SCA-V) team, this Assessment and Authorization Support Specialist will have experience in planning, analyzing, documenting, and reporting activities associated with the system security technical assessment process. This Assessment role will support the assessment team by evaluating technical compliance for Cybersecurity Service Provider (CSSP) customers.
- Performing comprehensive onsite technical security assessments using the Department of Defense (DoD) Risk Management Framework (RMF) process.
- Utilize knowledge of Confidentiality, Integrity and Availability (CIA) levels, Classification Levels (CL) and the NIST 800.53 IA controls associated with each level.
- Analyzing network and IA systems in unclassified and classified environments for compliance with DoD, and US Army (AR 25-2) security requirements
- Responsible for technical review, subset of policy as it relates to the network, system and network diagrams, descriptions, SOPs, compiling and generating deliverables (Risk assessment, findings, and slide presentation).
- Reviewing technical IA Controls with the customer for specific applicability and compliancy.
- Conducting Security Tests and Evaluation (ST&E) for Accreditation or re-accreditation.
- Analyzing ST&E results; assess, determine, and describe risks associated with the results.
- Conducting Vulnerability and Risk Assessments; these processes may include scanning with authorized DoD tools and/or scripts (Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Security Readiness Review (SRR) scripts, Security Content Automation Protocol (SCAP).
- Review and document results from conducted vulnerability, risk assessments, and scanning tools.
- Responsible for administrative functions related to Cybersecurity Service Provider (CSSP) customer assessments
- Understanding of DISA Security Technical Implementation Guides (STIGs).
- Knowledge of Enterprise Mission Assurance Support Service (eMASS).
- Knowledge of DoD and Army policies, regulations, and guidelines.
- Minimum 8 years of working experience in Information Systems including Information Technology/ cybersecurity
- 5 years’ experience performing comprehensive technical security assessments using the Risk Management Framework (RMF)
- Technical background in networking, system engineering, database administration, web application or software development
- Minimum 3-5 years of working experience troubleshooting, and or securing networking devices (routers, switches, firewalls, Intrusion Detection)
- Experience analyzing Information Assurance systems in unclassified and classified environments for compliance
- Experience in planning, analyzing, documenting, and reporting activities associated with the system security accreditation and authorization (A&A) process
- Knowledge of NIST, CNSS, DoD, and Army policies, regulations, and guidelines
- General knowledge and understanding of the Command Cyber Readiness Inspection (CCRI) process
- Bachelors’ Degree or equivalent work experience
- Security Clearance required
- DO DOD 8570 Compliance; must hold certifications meeting the requirements for both IAT-II (CCNA, CySA+, GICSP, GSEC, Sec+, or SSCP) & CSSP-Analyst (CEH, DFR, CySA+, GCIA, GCIH, GICSP, or SCYBER) prior to start
- Experience working closely with onsite clients in providing daily, frequent and on-going status updates
- Excellent verbal, interpersonal and written communication skills.
- Strong analytical, problem-solving and decision making capabilities.
- Team player with the ability to work in a fast-paced environment while providing frequent updates to the client
- Ability to multi-task in a fast-pasted environment and to work independently
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.
ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity). For more information, please read our EEO & AA policy.
Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email firstname.lastname@example.org and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Maryland Client Office (MD88)