Information Technology (IT) Specialist/Security Control Assessor Representatives

  • Published
  • Air Force Nuclear Weapons Center
Come be a part of something big! Smart Minds, Cool Jobs and Awesome Rewards! Fueled by innovation, talent and ambition, the Air Force Civilian Service (AFCS) is seeking civilian professionals prepared to deploy war-winning capabilities on behalf of the United States Air Force.
 
Closes: May 1, 2024
 
Air Force Nuclear Weapons Center (AFNWC) is currently seeking TWO full-time Information Technology (IT) Specialist/Security Control Assessor Representatives – (SCAR) (002059281M, 009863381M) at Hill Air Force Base near Layton, Utah.
 
The Sentinel program is a major defense acquisition program charged to deliver a full system replacement for the nation’s Minuteman III Intercontinental Ballistic Missile (ICBM) System, providing a strategic deterrent to nuclear attack against the United States.
 
This position is an NH-2210-03, which has a typical 2024 salary range of $86,962- $134,435.  There is potential for a Group Retention Incentive in addition to basic salary.
 
*This position is NOT eligible for remote or full-time telework because of the sensitive nature of the work; situational-based agreements may be available at the discretion of the hiring manager.
 
The primary purpose of this position is to serve as a SCAR, conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an IT system to determine the overall effectiveness of the controls (as defined in NIST 800-37). 
 
Security Control Assessor Representative
• Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an IT system to determine the overall effectiveness of the controls (as defined in NIST 800-37). 
 
DUTIES:
  • Develop methods to monitor and measure risk, compliance, and assurance efforts.
  • Develop specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability requirements at the software application, system, and network environment level.
  • Draft statements of preliminary or residual security risks for system operation.
  • Maintain information systems assurance and accreditation materials.
  • Monitor and evaluate a system’s compliance with information technology (IT) security, resilience, and dependability requirements.
KNOWLEDGE, SKILLS, & ABILITIES (KSAs):
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
  • Knowledge of relevant laws, policies, procedures, or governance related to critical infrastructure.
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of cybersecurity principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of cyber defense and vulnerability assessment tools, including open-source tools, and their capabilities.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of organization’s evaluation and validation requirements.
  • Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
  • Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of cloud computing service models Software as Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
  • Knowledge of cloud computing deployment models in private, public, and hybrid environments and the difference between on-premises and off-premises environments.
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
REQUIREMENTS FOR THE POSITION (NOT ALL-INCLUSIVE):
  • U.S. CITIZENSHIP
  • Employee must be able to obtain and maintain a Top Secret security clearance and will be required to handle and safeguard sensitive and/or classified information in accordance with regulations to reduce potential compromise.  A fully adjudicated Top Secret clearance within past 5-years is preferred.
  • New hires are required to meet the appropriate qualifications for the specific position being filled, per Department of Defense (DoD) Manual 8140.03 dated 15 Feb 2023, Cyberspace Workforce Qualification and Management Program.
  • This position is DoD Cyberspace Workforce (DCWF) Cyberspace Work Role coded:
  • 612 (Security Control Assessor) (Proficiency Level:   Advanced)
  • Review the required Knowledge, Skills, Abilities, and Tasks (KSATs) for the Cyber Work Role, at  https://dl.dod.cyber.mil/wp-content/uploads/dcwf/ElementsMap/story.html
  • In accordance with the Ethics in Government Act, 1978, employee may be required to file an OGE Form 450, Confidential Financial Disclosure Report, upon appointment and will be required to file annually.
  • Your resume is key to evaluating your skills, knowledge, and abilities; be clear and specific when describing experience. If using Microsoft Word, please use 2018 or a more recent version, as MS Word 97-2003 documents are no longer viewable.
HOW TO APPLY: 
When applying at the link below, please use Microsoft Edge or Google Chrome. Click the apply button to complete an application and upload resume (PDF or Word Doc) and/or additional documents (Transcripts, certifications, Vet Docs (DD214), SF-50).
 
Apply at https://afcs.experience.crmforce.mil/s/registration?jobId=a0583000000GpDaAAK by May 1, 2024. Permanent Change of Station (PCS) and recruitment/relocation expenses may be covered.
 
If you have questions about this position or about the application process, please contact Arlene Pando AFNWC Recruiting Specialist, at arlene.pando@us.af.mil
 
To find all current job and internship opportunities at the Air Force Nuclear Weapons Center, visit the AFNWC webpage at: https://www.afnwc.af.mil/About-Us/Jobs/
 
To receive additional information about current and future job openings with AFCS via email notification, please register at www.Afciviliancareers.com and sign up to “Get Career Updates.”
 
Equal Opportunity Employer. U.S. citizenship required. Must be of legal working age.