SAP Security Control Assessor

Pueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a business organization that thrives on career development and independence. In support of mission and professional growth, our Parliament has supported the development of multiple patents, proprietary tools, and applications as well as trademarked processes.

Our organization emphasizes career development across multiple career environments (at the members own pace) and ensures those who contribute broadly are properly rewarded. Pueo has four career environments where every member of the parliament can participate. Each environment has opportunities available for all levels. Opportunities are framed by an employee's desires and capabilities, and we ensure challenges, growth, and unique experiences are available for employees at all levels.

Our Career Environments (Program, Functional, Service, and Leadership) provide numerous opportunities for employees to invest in their personal growth and those things that offer fulfillment. We invest in helping our members create and execute their career development plans. Our Pods (small teams of 5 or less) are comprised of personnel with similar skillsets to ensure mentorship, understanding, and peer support.

GENERAL DUTIES:

This role is responsible for leading evaluations and ensuring the effectiveness of security controls for classified information systems and Platform Information Technology (PIT) in accordance with the Risk Management Framework (RMF). Assigned systems will process up to, and including Alternate Compensatory Control Measures (ACCM), Special Access Programs (SAP), Controlled Access Programs (CAP), and Sensitive Compartmented Information (SCI) data.

The technical functions encompass a range of tasks aimed at assessing, testing, and validating security measures to identify vulnerabilities and enhance overall security posture. Here are the technical functions typically associated with ensuring the integrity, confidentiality, and availability of data within these highly restricted programs.

• Accountable for managing and overseeing the assessments and authorization activities for systems within the assigned portfolio.
• Lead relevant program & project team meetings in coordination with stakeholders to establish RMF assessment criteria and conduct system and program level cyber security testing.
• Identify possible improvement actions to enhance the SAP SCA team performance and ensure quality and

REQUIRED QUALIFICATIONS:

• Experience: 12 years of cyber security related experience or the equivalent combination of professional support, education, and professional training. 2 years of prior experience as a Security Control Assessor (SCA). 4 Years prior experience in DoD or IC Special Programs.
• Education: Bachelor's degree from an accredited institute in an area applicable to the position in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, Information Systems, or a related technical discipline.
• Certifications: Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140
• Cyberspace Workforce Management, and IAT Level III (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP).
• Skills: Strong independent work ethic, exceptional oral and written communication skills, and the ability to work unsupervised and within a team environment. Focuses on the consistent execution and updating of organizational
• Certifications: Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP).

DESIRED QUALIFICATIONS:

• Current Counter-Intelligence Polygraph.
• Experience with Protection Level (PL)3 technologies, which bind security attributes to data objects.
• Experience conducting cyber security assessment of complex SAP, CAP, ACCM, and SCI systems.
• Experience with technologies such as cloud computing, encryption, Public Key Infrastructure (PKI).
• Background and understanding of the organizational relationships between the Intelligence Community (IC), DoD SAP community, and DIA.
• Knowledge of networking technologies and protocols.
• Knowledge of the hardening process for operating systems and applications.

CLEARANCE:

• TS/SCI minimum

Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.