(HIQ 9290) Security Control Assessor Representative (SCAR) Team Member – Gunter AFB (AL)
Location: Montgomery, AL
Clearance Required: Secret
PCI is actively seeking a Security Control Assessor Representative (SCAR) Team Member to support the Business Enterprise Systems Directorate (AFLCMC/HIQ) located at Maxwell-Gunter Air Force Base in Alabama.
- Ensure system/application policies and procedures reflecting the legislative intent of applicable laws and regulations for the network environment/system are followed.
- Review application/systems plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
- Participate in an Information System Assessment Process (SAR).
- Assess security requirements for hardware, software, and services acquisitions specific to network environment/system cyber security programs.
- Ensure that cyber security enabled software, hardware, and firmware comply with appropriate network environment/system security configuration guidelines, policies, and procedures.
- Ensure that network environment/system Information System recovery processes are monitored and that cyber security features and procedures are properly restored.
- Review cyber security plans for the network environment/system.
- Test/Validate Controls.
- Use eMASS to review Controls.
- Review Plan of Actions and Milestones (POA&M) entries.
- Ensure that cyber security inspections, tests, and reviews are coordinated for the network environment/system.
- Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed.
- Provide leadership and direction to network environment/system personnel by ensuring that cyber security awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.
- Advise the AO, AODR, and application/system owner of any risks or vulnerabilities discovered.
- Prepare Security Assessment Reports for systems/applications reviewed
- Possess at least 5 years of Information Assurance/Cyber Security Experience.
- Be able to apply knowledge of IA policy, procedures, and workforce structure to develop, implement and maintain a secure network environment
- A GSLC, CISM, or CISSP Certification (DOD 8570, IAM Level III Certification) is required. If the candidate does not have a current CISSP certification (but does have a GSLC/CISM), they will be responsible for obtaining it within 6 months of hire.