Security Controls Assessor with Security Clearance

Alpha Omega is an award-winning Federal IT Solutions provider. Since its inception in September 2016, we have grown from a start-up to a $100m/year business. Alpha Omega's growth stems from our mission focus: to make the US Government the best in the world. We achieve that via advanced capabilities in the areas of Design & Product Management, DevSecOps & Cloud Engineering, Intelligent Automation, and Cybersecurity. Our consistent growth has fostered a series of accolades including Inc. 5000 and Washington Technology's Fast 50 awards for five consecutive years, Virginia Business Best Places to Work ten years in a row, and Maryland Technology Council's 2022 Government Contract of the Year over $50 Million Dollars award, to name a few. We are seeking passionate federal IT professionals to join our team. Come support our nation's government agencies and make a difference. Why Us? We have H.E.A.R.T Alpha Omega's Core Values - (H) harmony, (E) engagement, (A) accountability, (R) resourcefulness, and (T) tenacity- collectively are an acrostic reminder of the values that guide the work we do. We foster a culture that recognizes and rewards hard work. Our H.E.A.R.T. program invites colleagues and managers from across the organization to recognize each other for living out our core values. Spotlighted employees enjoy a detailed nomination about their core-values-aligned actions which are then shared with their manager. Ready to embark on a rewarding, challenging, and fulfilling career in the Federal IT Solutions space? Come grow with us. Job title: Security Controls Assessor
Location: Remote Clearance Required: DHS Public Trust EOD Alpha Omega in seeking a Security Controls Assessor. This role conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37). Responsibilities: Ensuring the automated monitoring of information system assets through Continuous Diagnostics and Mitigation (CDM) tools and sensors
Maintaining an asset inventory of hardware and software within the program/development offices or field site facility
Ensuring that security requirements for the assigned major application or general support system are being or shall be met
Ensuring that requests for Security Authorization (SA, also commonly referred to as Assessment & Authorization or Certification and Accreditation) of assigned major application or general support systems are completed in accordance with the published procedures
Coordinating the development of a Contingency Plan and ensuring that the plan is tested and maintained
Ensuring risk analyses are completed to determine cost-effective and essential safeguards in alignment with government and industry best practice (e.g. NIST 800-30, 37, 39)
Ensuring preparation of security plans for sensitive systems and networks
Reporting IT security incidents (including computer viruses) in accordance with established procedures
Reporting security incidents not involving IT resources to the appropriate security office; and representing the security team as part of change management for assigned information systems
Required Skills/Experience: 7 years of IT experience (inclusive of 1 year of Cybersecurity experience) if you hold a BS or Master's Degree in an IT field. OR
9 years of IT experience (inclusive of 3 years of Cybersecurity experience) if you hold a BS in a non-IT field. OR
11 years of IT experience (inclusive of 5 years of Cybersecurity experience) if you do not have a degree.
Preferred Skills/Experience: Familiarity with one or more of DHS Directive 4300A, FIPS Pubs 199 & 200, and NIST Special Pubs 800-30, 800-37, 800-39, 800-53, 800-60
Experience as an Information System Security Officer (ISSO)
Experience with Vulnerability, Configuration, and Asset Management tools in support of Continuous Monitoring
Experience with POA&M management
Experience performing Security Authorization
Experience performing Risk Analysis and Assessment
Experience with XACTA or similar tool
Should be able to support a minimum of four of the areas listed: Security Control Assessment
Security Code Analysis
Product Evaluation
Document Review and Security Technical Writing
Risk Assessment and Risk Management
Policy and Audit Services
5 or more years directly supporting security of IT systems
Required Certifications (at least one of the following): Certified Information Systems Security Professional (CISSP)
CompTIA Advanced Security Practitioner (CASP)
Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
Certified Information Security Manager (CISM)
Alpha Omega Integration, LLC (Alpha Omega) is committed to the development of a creative, diverse, and inclusive work environment. In accordance with the law and our organizational values, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, Veteran Status, or any other characteristic protected by law (referred to as "protected status)". Final hiring decisions at Alpha Omega will be based on merit, qualifications, and abilities. Black, Indigenous, and People of Color (BIPOC), LGBTQIA, women, people over 40, and differently-abled folks are strongly encouraged to apply.