Pipeline- Senior Security Control Accessor

Position Overview

Arlo is in search of a Senior Security Control Accessor to support a government client. The Department of Defense’s (DoD) Chief Digital and Artificial Intelligence Office (CDAO) is at the forefront of supporting the DoD with the adoption of innovative technologies such as data, analytics, and artificial intelligence to help accelerate predictions, forecasts, and interpretations for both strategic and tactical decisions across the enterprise. These ground-breaking endeavors bring new challenges to the assessment of DoD IT systems that previously did not exist.

Arlo Solutions is looking for a Senior DoD cloud focused Security Control Assessor (SCA) and RMF Subject Matter Expert to support CDAO with assessment and authorization of some of the DoD’s most innovative efforts. This resource will support mission critical DoD projects with all facets of the RMF and across multiple programs. 

Work Location

Full time remote. Candidates in the Washington DC Metropolitan preferred. Travel requirements will vary with location, however, expect approximately 10%. 

Job Responsibilities

• Provide the AO with an independent risk assessment of assigned systems and an authorization.
• Advise Program Managers on AO determination utilizing OVL documentation.
• Provide senior advisory support to CDAO Authorization Official (AO) regarding authorizations of CDAO capabilities.
• Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program.
• Providing support regarding the agile authorization and Operation Vulcan Logic (OVL) processes.
• Provide independent risk analysis and recommendation.
• Collaborate between the AO and the program as well as Program leadership.
• Identify the security baseline based on the mission and security impacts to the system.
• Determine assessment criteria, develop, review, and create a plan to assess the security requirements.
• Assess the security requirements in accordance with the assessment procedures defined in the Security.
• Assessment Plan (SAP).
• Prepare the Security Assessment Report (SAR).
• Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate.
• Develop the Risk Recommendation and Authorization Office (AO) Determination Brief.
• Develop a system-level continuous monitoring strategy.
• Author and present briefs regarding status of authorizations to AO and other senior Government officials.
• Provides security architecture and DoD compliance advisory support.

Success Factors

• Have a strong background in information security, risk management, and compliance.
• Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships.
• Manage multiple priorities in a high-paced and fast-changing environment.
• Perform other duties as assigned or required.

Education and Minimum Qualifications

• Must have an active TS/SCI Clearance
• Bachelor’s Degree in computer science/Information Technology, or other related degree fields (Master’s Degree is preferred or at least 10 years of related experience)
• At least 10 years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus.
• At least one IAT/IAM or equivalent security certifications ex. CISSP, CCSP, CISM, CISA, or CASP
• Experience working with OSD leadership or Military component or branch.
• Expert understanding of NIST 800 series guidelines, DoDI 8500.01, DoD 8140.03, rISO 27001, COBIT, DoD RMF, OVL, and current cybersecurity best practices.
• Excellent communication/presentation skills briefing senior military and government civilian leadership.
• Experienced with writing policies, guides, procedures.
• Experience in hands on with eMASS, Xacta and/or other GRC tools.
• Experience with Federal and FedRamp A&A Processes.
• Experienced and comfortable advising at the Senior Executive Service (SES) level of customers.