• Security Controls Assessor (SCA)

    Job Locations US-DC
    Posted Date 3 months ago(9/19/2018 10:28 AM)
    Job ID
    Information Technology
  • Overview

    AnaVation is looking for several talented Security Contol Assessors (SCA)  who are passionate about technology and working with cutting edge software and hardware to support our mission critical customer in Washington, DC.  The ideal candidate appreciates partnering with our customer and a group of engineers to create innovative engineering solutions.


    The SCA will:


    • Support Risk Management Framework (RMF) mission sets.
    • Develop and sustain RMF Certification and Accreditation (C&A) packages to maintain Authorization to Operate (ATO)
    • Validate and upload RMF documentation into the Enterprise portal
    • Process and submit Plans of Action and Milestones (POA&Ms)
    • Support IT Incident Response (IR) actions and reporting
    • Track reporting and processing of Cybersecurity Tasking Orders, Warning Orders and Operation Orders.
    • Provide packages, templates and guidance to gain approved Army Certificates of Networthiness (CoN) for new or upgraded software
    • Write/develop System Security Plans (SSP) and Tenant Security Plans (TSP)
    • Whitelists, Blacklists, BOGON, and other Access Control List (ACL) validation and management
    • Support Cybersecurity IT internal and embedded inspection teams.
    • Perform logging, correlation, and scanning with tools such as Fortify Security Control Analyzer (SCA), Assured Compliance Assessment Solution (ACAS), HP ArcSight, and Enterprise Security Management (ESM).
    • Ensure DISA STIGs are implemented and enforced.
    • Perform enterprise-wide risk analysis and vulnerability assessments
    • Enter/manage data in the Army Portfolio Management Solution (APMS) registry and associated Assessment and Authorization (A&A) requirements for annual Federal Information Security Management Act (FISMA) reporting



    • Must have current DoD 8570.01-M Information Assurance Technical IAT Level II (IAT II) baseline certification i.e. current Security+ CE certification, or any of the other DoD approved IAT II baseline certifications listed at this link: http://iase.disa.mil/iawip/Pages/iabaseline.aspx.  Uncertified candidates cannot be considered.
    • Minimum 2 years’ experience in Cybersecurity as a primary job duty. Higher levels of experience required for more senior positions.
    • Hands-on experience with associated Cyber tools (ACAS, Fortify, ArcSight, eMASS, HBSS)
    • Selected applicant will be subject to a government security investigation and must meet eligibility requirements for access to classified information 

    Desired Skills:

    • Recent experience supporting Accreditations under RMF.
    • Bachelors’ Degree in IT related discipline
    • Higher level DoD 8570 IAT-III/IAM certifications (i.e. CISSP, CASP, etc.)

    EEO Statement

    AnaVation is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law.


    If you need a reasonable accommodation for any part of the employment process, please contact us by email at accommodations@anavationllc.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.