SecurityControlAssessor(SCA)

**_Type of Requisition:_** Regular _**Clearance Level Must Currently Possess:**_ Top Secret/SCI _**Clearance Level Must Be Able to Obtain:**_ Top Secret SCI + Polygraph ** _Public Trust/Other Required:_** None _**Job Family:**_ Cyber and IT Risk Management ** _Job Qualifications:_** **Skills:** Information Security, Information Systems, Risk Mitigation Strategies, System Security **Certifications:** None **Experience:** 5 + years of related experience **US Citizenship Required:** Yes _**Job Description:**_ Location: **Ramstein, Germany** The SCA is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). SCAs also provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities. Responsibilities will cover Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities within the customer’s area of responsibility. * Perform oversight of the development, implementation and evaluation of IS security program policy; special emphasis placed upon integration of existing SAP network infrastructure. * Perform assessment of ISs, based upon the Risk Management Framework (RMF) methodology in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG) * Advise the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues. * Evaluate Authorization packages and make recommendation to the AO and/or DAO for authorization. * Evalu