Senior Security Controls Assessor Representative (SCAR)

Own Your Future.

Modern Technology Solutions Inc. (MTSI) is seeking a Senior Security Controls Assessor Representative (SCAR) to join our team in support of an important Department of the Air Force (DAF) program.

The candidate will be responsible for assessing and ensuring compliance with applicable security regulations for various classified non-traditional Information Systems (IS)s. This position requires an active Top Secret clearance with SCI eligibility along with Special Access Program read-in/experience. A successful candidate must be a self-starter who possesses initiative, excellent communication skills, the ability to lead diverse teams, to collaborate effectively with cross-functional teams, and a proven problem solver.

May require travel up to 40% of time within the continental United States.

Why is MTSI known as a Great Place to Work?

• Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security.
• Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
• 100% Employee Ownership: we have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.
• Great Benefits - Most Full-Time Staff Are Eligible for:
• Starting PTO accrual of 20 days PTO/year + 10 holidays/year
• Flexible schedules
• 6% 401k match with immediate vesting
• Semi-annual bonus eligibility (July and December)
• Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
• Up to $10,000 in annual tuition reimbursement
• Other company funded benefits, like life and disability insurance
• Optional zero deductible Blue Cross/Blue Shield health insurance plan
• Track Record of Success: We have grown every year since our founding in 1993

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit www.mtsi-va.com.

Duties to be independently executed include but are not limited to:

• Ensuring organizations are addressing cybersecurity during all phases of the System Development Life Cycle and conducting continuous monitoring and reporting requirements.
• Performing oversight of the development, implementation and evaluation of system security program policy with special emphasis placed upon integration of existing Special Access Program (SAP) and Secure Compartmentalized Information (SCI) network infrastructures.
• Performing assessments of non-traditional ISs services (e.g., Command and Control - C2, Platform) based upon the Risk Management Framework (RMF) methodology in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG) and Intel Community Directives (ICD).
• Reviewing and analyzing Assessment & Authorization (A&A) packages for completeness, accuracy, and documenting the effectiveness of controls, plans, and procedures implementation.
• Evaluating Authorization packages and making recommendations to and discussing with the Subordinated, Delegated and/or Authorizing Official (SAO, DAO, and/or AO).
• Ensuring corrective actions were taken for identified findings and vulnerabilities.
• Documenting and preparing complete Security Assessment Reports (SAR)s and providing Plan of Action and Milestones (POA&M) recommendations/guidance for the authorization boundary.
• Assessing proposed changes to authorization boundaries, the operating environment, and mission needs to determine the continuation to operate.
• Assisting the government in compliance inspections and representing the customer on inspection teams.
• Differentiating between the various types of Cross-Domain Solutions (CDS) and assisting with joint assessments in coordination with other DoD agencies.
• Reviewing and assessing procedures for clearing, sanitizing, and destroying various types of hardware and media.
• Ensuring organizations are addressing cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.
• Preparing and delivering briefings on program and/or assessment status to the relevant leadership.

Required Qualifications:

• 8 years or more a Security Controls Assessor (SCA)/ Representative (SCAR) or related experience.
  • Of which 3 years or more of experience in the role of Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), or Information Systems Security Engineer (ISSE).
• Experience with non-traditional ISs, C2 environment, or Tactical Systems is desired.
• Experience assessing SAP and SCI ISs.
• Experience with authoring A&A documentation and system authorization artifacts for SAP and SCI systems.
• Knowledge of federal security requirements and mandates (e.g., RMF, FIPS, NIST, CNSSI, ICD, and JSIG).
• Ability to work well independently or as a team member.
• Excellent oral and written communication skills, and ability to clearly translate client technical needs into technical specifications.
• Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment.
• Demonstrated ability to assess and articulate risk, including to non-technical audiences.

Education Requirements:

• Bachelor of Science degree in Computer Science, Cyber, Software Engineering, Data Science, Software Development or STEM-related specialty.

Certification Requirements in one or more of the following:

• Certified Information Systems Security Professional CISSP or (CISSP-ISSEP/CISSP-ISSAP) or IAT Level III - CEH, CySA+, or SCP.
• DoD 8140.3 Certified.
• Assessor background/experience is greatly preferred.

Clearance Requirements:

Security Clearance Level Required: Must possess an active Top Secret security clearance, current within five (5) years, based upon a T5 or T5R investigation (formerly known as Single Scope Background Investigation (SSBI) or SSBI Periodic Review (SBPR)).

• Please Note: U.S. Citizenship is required.

#LI-CH1