Security Control Assessor

Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future. 

**This opportunity is contingent upon award**

Position Overview

The Security Control Assessor will be responsible for evaluating and assessing the security controls of Defense Security Cooperation Agency’s (DSCA) information systems. This role involves conducting comprehensive assessments to ensure compliance with federal cybersecurity standards and providing recommendations to improve the agency’s security posture.

Work Location

Pentagon, VA

Job Responsibilities and/or Success Factors

• Conduct thorough assessments of security controls on DSCA’s information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives.
• Develop and maintain assessment documentation, including Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Plan of Action and Milestones (POA&Ms).
• Perform risk assessments to identify potential security threats and vulnerabilities.
• Provide detailed recommendations to mitigate identified risks and enhance the security posture of DSCA’s information systems.
• Collaborate with system owners, IT staff, and cybersecurity teams to ensure effective implementation of security controls.
• Conduct continuous monitoring activities to ensure ongoing compliance with security policies and procedures.
• Provide guidance on the security assessment and authorization (A&A) process, including developing and maintaining System Security Plans (SSPs).
• Assist in the development and delivery of cybersecurity training and awareness programs for DSCA personnel.
• Stay current with the latest cybersecurity threats, trends, and technologies to continuously improve assessment methodologies and practices.
• Participate in security audits and reviews to ensure adherence to established security standards and best practices.

Education and Minimum Qualifications

• Must be a US Citizen.
• TS/SCI Clearance
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (Master's degree preferred).
• Minimum of 5 years of experience in information security, with a focus on security control assessment and risk management.
• Certifications such as CISSP, CISA, CAP, or equivalent are highly desirable.
• In-depth knowledge of federal cybersecurity regulations and standards, including NIST SP 800 series and FISMA.
• Proven experience in conducting security control assessments and developing security assessment documentation.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex cybersecurity concepts to technical and non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment.

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.