Security Controls Assessor

Job Description

Job Description

Security Controls Assessor

• Must be able eligible for a federal security clearance (US Citizen)
• Hybrid onsite in Amarillo, TX

Knowledge, Skillset, and Abilities (KSAs)- General understanding of cyber requirements. Ability to interpret cyber security plans for vendors to determine compliance with the NIST requirements. Ability to communicate with vendor IT and Cyber staff.

Specific Requirements - Working knowledge of NIST 800-171, NIST SP 800-53, NIST SP 800-53A. Ability to assess and document assessment results for NIST SP 800-171 security controls. Ability to aggregate risk for NIST SP 800-171security controls into an overall risk assessment for a non-federal information system processing CUI data. Knowledge of cyber controls. Familiarity with DFARS requirements for processing CUI data on non-federal information systems.

Specific Deliverables - Determination documentation on vendor NIST 800-171 compliance. Correspondence with vendors to correct deficiencies. Attend meeting on compliance status.

Comments : Desired qualifications : Certification as Certified CMMC Professional (CCP), Certification as Certified CMMC Assessor (CCA), Training associated with the assessment of NIST security controls