Security Controls Assessor (SCA) - Piper Companies

Zachary Piper Solutions is seeking a Security Controls Assessor (SCA) for a long-term/multi-year government program located in Washington, DC. The SCA will support the Office of Naval Intelligence with A&A activities. This is an on-site position supporting the ATO process for NIO.

Responsibilities for the Security Controls Assessor include:

• Review relevant policies, schedule activities, and provide recommendations for courses of action\
• Analyze, document, assess, and manage security and mission requirements 
• Develop, improve on, and review ATO documents 
• Assist with process of application in a variety of cloud computing environments 

Required Qualifications for the Security Controls Assessor include:

• 7+ years of experience in Cyber Security focused on SCA work
• TS/SCI Clearance
• IAM Level III Certification (CISM, CISSP, GSLC, CCISO)
• Bachelor's Degree

Compensation for the Security Controls Assessor include:

• Salary Range: $140,000-165,000 **depending on experience**
• Benefits: CIGNA Medical, Dental, Vision, 401k, Holidays, PTO

Keywords: senior, sr, s.r., travel, travel required, miami, certified information systems security professional, certified information security systems professional, certified information system security professional, fed ramp, fed-ramp, cloud security, cloud security specialist, STIGs, STIG, security assessment, security assessments, vulnerability, cybersecurity, cyber-security, assessor, assessors, cloud security assessor, fedramp assessor, fed-ramp assessor, red ramp assessor, fed ramp assessments, redramp assessments, cloud, cloud policies, cloud policy, federal, government, federal networks, government networks, department of, DOS, DHS, department of homeland securtiy, security, benefits, wellness plan, junior, jr, pto, holidays, 401k, 3PAO, Fedramp assessor, fedramp assessments, third party assessor, ATO, fedramp controls, cloud controls, cloud assessments, migration, RMF, NIST, FedRAMP, DISA Cloud Computing Security Requirements Guide, DISA CC SRG, FISMA, ISO, HIPAA, COBIT, HITECH, CISM, CISSP, NIST,800-53 rev. 3, 800-53 rev. 4, 800-37, Security+, CAP, CISA, contingency plans, security assessment plans, SCA, security control assessment, system security plan, SSP, incident response plan, vulnerabilities, vulnerability management, POA&M, plan of action and milestones, artifact, nessus, retina, ACAS, PKI, continuous monitoring, consulting, SA&A, A&A, C&A, certification, accreditation, information assurance, information security, Virginia, Washington DC, DC, D.C., district of columbia, remote, Maryland, level I, level 1, level ii, level 2, security+, comptia, sec+, security plus, security +, sec +, security+ce, cissp, casp+, casp +, cysa, cysa+, ccna, ccnp, ccna security, ccnasecurity, gicsp, gsec, cnd, sscp, ccnpsecurity, ccnp security, casp+ce, cisa, gced, gcih, ccsp, iat, iat II, iat 2, iat two, iat level 2, iat level two, iat level ii, cloud based, cloud-based, RMF lifecycle, RMFlifecycle, National institute for science and technology, NIST 800, red-ramp, Nist 800-53 Rev.5, risk management framework, AWS, Azure, ISO 27000, ISSO, ISSM, ISSE, information system security officer, information systems security officer, cyber security, cyber security specialist, izo, ize, izm, systems, on-prem, rev 4, rev 5, rev4, rev5, policy security, policy cyber security, security frameworks, enterprise system, enterprise systems, amazon web services, AODR, hybrid, Secret, secret clearance, TS, top secret, clearance, cloud one, cloud 1, ATO package, portfolio management, cloud system, cloud systems, cloud-system, cloud-systems, cyber team, security assessor, risk assessor, controls assessor, risk management assessor, partial-remote, fully remote, 100% remote, wfh, reston, arlington, alexandria, tysons, risk framework assessor, assessment, assessments, security assessments, public trust, public-trust, dhs suitability, publictrust, dhs, doj, dos, dhhs, hhs, dod, irs