Senior Security Controls Assessor Representative (SCAR)

Own Your Future.

Modern Technology Solutions Inc. (MTSI) is seeking a Security Controls Assessor Representative (SCAR) Subject Matter Expert (SME) to join our team in support of an important Department of the Air Force (DAF) program.

The candidate will be responsible for assessing and ensuring compliance with applicable security regulations for various classified non-traditional Information Systems (IS)s. This position requires an active Top Secret clearance with SCI eligibility along with Special Access Program read-in/experience. A successful candidate must be a self-starter who possesses initiative, excellent communication skills, the ability to lead diverse teams, to collaborate effectively with cross-functional teams, and a proven problem solver.

May require travel up to 40% of time within the continental United States.

Why is MTSI known as a Great Place to Work?

• Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security.
• Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
• 100% Employee Ownership: we have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.
• Great Benefits - Most Full-Time Staff Are Eligible for:
• Starting PTO accrual of 20 days PTO/year + 10 holidays/year
• Flexible schedules
• 6% 401k match with immediate vesting
• Semi-annual bonus eligibility (July and December)
• Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
• Up to $10,000 in annual tuition reimbursement
• Other company funded benefits, like life and disability insurance
• Optional zero deductible Blue Cross/Blue Shield health insurance plan
• Track Record of Success: We have grown every year since our founding in 1993

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit www.mtsi-va.com.

Duties to be independently executed include but are not limited to:

• Overseeing and ensuring organizations are addressing cybersecurity during all phases of the System Development Life Cycle and are conducting continuous monitoring and reporting requirements.
• Regularly liaising with external program offices and organizations to mentor, collaborate with, and provide recommendations concerning best practices and ensuring compliance with Security Assessment Report (SAR) requirements.
• Performing assessments of the implementation of DoD, and National Institute of Standards and Technology (NIST) Information System (IS) security program policies with special emphasis upon the Risk Management Framework (RMF) methodology in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG) and Intel Community Directives (ICD).
• Authoring, reviewing, and analyzing RMF assessment packages for completeness and accuracy, and documenting the effectiveness of controls, plans, and procedures implementation.
• Ensuring completeness of security assessments and that results are documented and preparing the SAR for the authorization boundary as well as confirming the Plan of Action and Milestones (POA&M) recommendations/guidance.
• Evaluating Authorization packages and making recommendations to and discussing with the Subordinated, Delegated and/or Authorizing Official (SAO, DAO, and/or AO).
• Ensuring corrective actions were taken for identified findings and vulnerabilities in the SARs.
• Assessing proposed changes to authorization boundaries, the operating environment, and mission needs and making recommendations to risk status.
• Assisting the government in compliance inspections and representing the customer on inspection teams.
• Reviewing and assessing procedures for clearing, sanitizing, and destroying various types of hardware and media.
• Assessing if organizations are addressing cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.
• Preparing and delivering briefings on program and/or assessment status to the relevant leadership.

Required Qualifications:

• 15 years or more of Security Controls Assessor (SCA)/Representative (SCAR) or related experience.
  • Of which, 5 years or more experience in the role of Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), or Information Systems Security Engineer (ISSE).
• Experience assessing SAP and SCI information systems.
• Experience with non-traditional ISs, C2 environment, or Tactical Systems is desired.
• Experience with authoring A&A documentation and artifacts for SAP and SCI systems.
• Knowledge of federal security requirements and mandates (e.g. RMF, FIPS, NIST, CNSSI, ICD, and JSIG).
• Ability to work well independently or as a team member.
• Excellent oral and written communication skills, and ability to clearly translate client technical needs into technical specifications.
• Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment.
• Demonstrated ability to assess and articulate risk, including to non-technical audiences.

Education Requirements:

• Bachelor of Science degree in Computer Science, Cyber, Software Engineering, Data Science, Software Development or STEM-related specialty.

Certification Requirements in one or more of the following:

• Certified Information Systems Security Professional CISSP or (CISSP-ISSEP/CISSP-ISSAP) or IAT Level III - CEH, CySA+, or SCP.
• DoD 8140.3 Certified.
• Assessor background/experience is greatly preferred.

Clearance Requirements:

Security Clearance Level Required: Must possess an active Top Secret security clearance, current within five (5) years, based upon a T5 or T5R investigation (formerly known as Single Scope Background Investigation (SSBI) or SSBI Periodic Review (SBPR)).

Please Note: U.S. Citizenship is required.

#LI-CH1