Security Controls Assessor & ISSO Support

Alpha Omega is an award-winning Federal IT Solutions provider. Since its inception in September 2016, we have grown from a start-up to a $100m/year business. Alpha Omega’s growth stems from our mission focus: to make the US Government the best in the world. We achieve that via advanced capabilities in the areas of Design & Product Management, DevSecOps & Cloud Engineering, Intelligent Automation, and Cybersecurity.  

Our consistent growth has fostered a series of accolades including Inc. 5000 and Washington Technology’s Fast 50 awards for five consecutive years, Virginia Business Best Places to Work ten years in a row, and Maryland Technology Council's 2022 Government Contract of the Year over $50 Million Dollars award, to name a few. 

We are seeking passionate federal IT professionals to join our team.  

Come support our nation’s government agencies and make a difference! 

Why Us?  

We have H.E.A.R.T.! Alpha Omega's Core Values – (H) harmony, (E) engagement, (A) accountability, (R) resourcefulness, and (T) tenacity- collectively are an acrostic reminder of the values that guide the work we do.  

We foster a culture that recognizes and rewards hard work. Our H.E.A.R.T. program invites colleagues and managers from across the organization to recognize each other for living out our core values. Spotlighted employees enjoy a detailed nomination about their core-values-aligned actions which are then shared with their manager.

Ready to embark on a rewarding, challenging, and fulfilling career in the Federal IT Solutions space? 

Come grow with us!  

Job title: Security Controls Assessor & ISSO Support
Location: Hybrid – Reston, VA &/or Washington DC (SCIF) (Onsite 2 days a week required)
Clearance Required: Top Secret

Alpha Omega in seeking a Security Controls Assessor, w/an ISSO background.  The SCA shall perform independent assessments of the System Security Plan (SSP) to ensure that it provides a set of security controls adequate to meet all the applicable security requirements. Perform all independent verification and validation (IV&V) services.

Security Control Assessor (SCA) Support:

• Document the results and recommendations of the security control assessment
• Conduct comprehensive reviews of security authorization documents
• Execute/review/interpret automated vulnerability scans
• Ensure required security authorization activities are completed and the results are documented;
• Review and process Interconnection Security Agreements (ISAs), Policy Waivers, Interim Authority to Test (IATT), and Authority to Operate (ATO) documents.
• Review IS security plans and other SA&A documents; Assist Treasury in preparing a written justification for waivers.
• Attend Compliance Team meetings and provide reports in the approved format on the status of requested activities.
• Provide guidance and support for all assigned Security Assessment & Authorization (SA&A) activities.
• Advise and assist with the Lifecycle Security Assessment & Authorization (SA&A) process.
• Develop Security Assessment Reports (SAR)
• Monitor and track projects in the assessment test queue.
• Maintain document repository where A&A project documentation is stored.
• Read and analyze SSPs and develop understanding of systems and applications into security test plans.
• Coordinate SA&A actions and system testing with appropriate security personnel.
• Review IA Compliance Validation Tests and Reports
• The SCA shall also provide the following at the request of the government:

• NIST RMF ATO Documentation such as System Categorization, System Security Plan (SSP), Security Control, Baselines, Tailoring and Overlays; Continuous Monitoring Strategy, or other documentation.
• Security Assessment Plan (SAP), Security Assessment Report (SAR), Security Requirements Compliance Matrix (SRCM), and the Plan of Actions and Milestones (POA&Ms).
• Reports such as Daily: Daily Morning Checks (Network Security), Weekly:  ACAS Report, Monthly:  STIG Compliance Report, SCA Testing Report, Detailed ACAS Report, NSP Report, Quarterly:  POAM and Risk Acceptance Report, System Security Plan (SSP), NIST Report, Annually:  Security Assessment and Authorization (SA&A) Report, SAAR Report, Ad-Hoc:  Contingency Response or exercise After Action Reports, Incident Reports, Test Results Report, and other reports as requested by the Government PM

Information Security System Officer (ISSO) Support:

• Build ATO packages for the Security Assessment and Authorization (SA&A) process
• Maintain ATO packages for the Security Assessment and Authorization (SA&A) process
• Assess the impacts on system modifications and technological advances
• Review systems and logs to identify potential security weaknesses
• Verify security methods, and recommend improvements to amend vulnerabilities
• Implement and document findings and changes
• Assist in managing, maintaining, closing vulnerabilities
• Assist in managing and maintaining a Plan of Action and Milestones (POA&M)
• Assist with Federal Information Security Management Act (FISMA) and other applicable IT audits and inspections
• Assist with assessing and responding to security-related requests within various ticketing systems
• Assist with maintaining operational security posture for information systems.

Required Skills/Experience:

• 5+ years of experience in an SCA &/or ISSO position meeting the requirements above
• Ability to work onsite in SCIF at least 2 days a week in Reston, VA or Washington, DC (site location will be based on the need and/or day)

Alpha Omega Integration, LLC (Alpha Omega) is committed to the development of a creative, diverse, and inclusive work environment.  In accordance with the law and our organizational values, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, Veteran Status, or any other characteristic protected by law (referred to as "protected status)”.  Final hiring decisions at Alpha Omega will be based on merit, qualifications, and abilities.   

Black, Indigenous, and People of Color (BIPOC), LGBTQIA, women, people over 40, and differently-abled folks are strongly encouraged to apply.

#LI-Hybrid

#LI-SR