Security Control Assessor - Planned Systems International, Inc.
Panhandle, TX 79068
About the Job
Advanced Technologies & Laboratories (ATL), a Planned Systems International (PSI) company, is hiring a Security Control Assessor for a position in Amarillo, TX.
This job description reflects the critical role you’ll play in maintaining the network infrastructure at the Department of Energy (DOE) Pantex Plant. If you’re ready to contribute to national security and work in a dynamic environment, we encourage you to apply!
Essential Functions and Job Responsibilities:
The Security Control Assessor will conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls, as defined in NIST SP 800-37. The role involves developing Baseline and Risk Assessments (BARA) for new applications/capabilities deployed to the environment and supporting all phases of the Risk Management Framework (RMF) process, including the Prepare, Categorize, Select, and Implement tasks associated with system security plan development.
Your responsibilities will include:
• Conduct independent assessments of IT system security controls and enhancements.
• Develop Baseline and Risk Assessments (BARA) for new applications and capabilities.
• Support all phases of the RMF process, including Prepare, Categorize, Select, and Implement tasks.
• Interpret cyber security plans for vendors to determine compliance with NIST requirements.
• Communicate effectively with vendor IT and Cyber staff.
• Assess and document assessment results for NIST SP 800-171 security controls.
• Aggregate risk for NIST SP 800-171 security controls into an overall risk assessment for non-federal information systems processing Controlled Unclassified Information (CUI) data.
• Document determination on vendor NIST 800-171 compliance.
• Correspond with vendors to correct deficiencies.
• Attend meetings on compliance status.
• General understanding of cyber requirements.
• Ability to interpret cyber security plans for vendors to determine compliance with NIST requirements.
• Ability to communicate with vendor IT and Cyber staff.
• Working knowledge of NIST 800-171, NIST SP 800-53, and NIST SP 800-53A.
• Ability to assess and document assessment results for NIST SP 800-171 security controls.
• Ability to aggregate risk for NIST SP 800-171 security controls into an overall risk assessment for non-federal information systems processing CUI data.
• Knowledge of cyber controls.
• Familiarity with DFARS requirements for processing CUI data on non-federal information systems.
Additional Skills and Abilities:
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work independently and as part of a team.
• Detail-oriented with strong organizational skills.
• Proficiency in using security assessment tools and software.
Must have one of the following combinations of education and experience in a technical field (Compensation will be based on education and experience, with technical field experience weighted more heavily than minimum education.):
Level 1:
• Bachelor’s degree in a technical field with limited experience or
• Associate’s degree in a technical field and 2 to 5 years of related experience.
• Requires general knowledge and understanding in area of expertise and associated equipment, processes, or systems.
Level 2:
• Master’s degree in a technical field with limited experience or
• Bachelor’s degree in a technical field and 2 to 5 years of related experience or
• Associate’s degree in a technical field and 5 to 10 years of related experience.
• Requires advanced knowledge and understanding in area of expertise and associated equipment, processes, or systems.
Level 3:
• PhD in a technical field with limited experience or
• Master’s degree in a technical field and 2 to 5 years of related experience or
• Bachelor’s degree in a technical field and 5 to 10 years of related experience or
• Associate’s degree in a technical field and 10 to 15 years of related experience.
• Requires demonstrated in-depth knowledge and skills in a technical specialty.
• Certification as Certified CMMC Professional (CCP).
• Certification as Certified CMMC Assessor (CCA).
PSI offers full-time, benefits-eligible employees a competitive total compensation package that includes paid leave and options for employer-sponsored group medical, dental, vision, short-term and long-term disability, life insurance, AD&D coverage, legal services, identity theft, and accident insurance. Flexible spending account and health savings account options offer pre-tax savings for qualified medical, dental, and vision expenses. The company-sponsored 401(k) retirement plan has an employer contribution match that is immediately vested. We invest in the professional growth of our employees through professional courses, certifications, and tuition reimbursement programs.
EEO Commitment: It is company policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, color, religion, age, sex, sexual orientation, pregnancy, gender identity, genetic information, national origin, citizenship status, veteran status, protected veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.
Reasonable accommodations for applicants and employees with disabilities will be provided. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources by emailing HRDepartment@plan-sys.com, or by dialing 703-575-8400.