Identify areas of cyber weakness within programs and develop Plan of Action and Milestones (POA&M) required in support of information assurance or security necessities
Conduct tests of cybersecurity safeguards and integration of systems IAW established test plans, STIGs, and Cybersecurity Controls.
Automate security testing through scripts and macros
Ensure that the design of hardware, operating systems, and software applications adequately addresses security requirements for the Computing Environment (CE), to include testing cybersecurity mitigations
Development and production of RMF documentation for Secret, Top Secret, and JWICS networks
Perform vulnerability assessments and security tests on networks, web-based applications, and computer systems
Conduct network and system security audits, evaluate how well the system conforms to a set of established criteria
Document findings, write security reports, and discuss solutions with IT teams and management
Perform “black box” and “white box” testing and blue and red team war gaming exercises
Perform security and technical assessments on new technologies and generate "Best Practices" for the implementation of new technologies
Establish and sustain information security assurance processes that satisfy complex system-wide requirements
Provide cybersecurity recommendations based on evaluation and review of engineering proposals to ensure compliance with mandated cybersecurity requirements

Minimum 12 years relevant experience to include: Minimum of 5 years supporting the DoD
Citizenship: Must be a US citizen
Clearance: Must possess and maintain a TS w/SCI eligibility
Bachelor's degree

Security Controls Assessor

Key skills