Security Control Assessor - Copper River Family of Companies
Dayton, OH
About the Job
TACG is seeking a Security Control Assessor at Wright Patterson AFB. This position will support testing and evaluation (T&E) of new applications and systems at the Air Force Research Lab (AFRL). AFRL is the premier research and development (R&D) center supporting the US Air Force (USAF), Department of Defense (DoD), and mission partners requiring these capabilities to support the Warfighter in full-spectrum operations. The role of this position is to perform systems testing for bringing on new applications and software projects within AFRL and knowing all the checks and compliances including Security Control Assessments and supporting the Security Control Assessor Representative (SCAR) functions.
Responsibilities (include but are not limited to):
- Provide technical expertise and cybersecurity services to augment and support the Security Control Assessor Representative (SCAR) and Associate Security Control Assessor Representative (ASCAR) functions throughout all security development lifecycles performed within a simulator program's SDLC.
- Play a crucial role in our software development lifecycle by creating and executing test plans, automating test cases, and ensuring the overall quality of new software products.
- Active engagement during software development and testing by troubleshooting and rectifying security vulnerabilities associated with the new software.
- Prepare, coordinate review and approval, and manage execution of test strategy, concepts, methodology, plans, processes, and procedures.
- Provide T&E-related expertise in various DoD Adaptive Acquisition Framework (AAF) and System/Software Development Life Cycles (SDLCs); advise, advocate, and/or incorporate; optimal combinations within test strategies, plans, policy & guidance, and/or procedures.
- Independently prepare (or advise others in the preparation of) test criteria, computation/analyses, specifications, cost estimates, and technical reports.
- Select and apply T&E techniques and procedures to analyze and evaluate specific problems, data, or other features of the work which are broad in scope and complexity.
- Evaluate the configuration, capability, and operational relevance of test environments and ensure they are properly available for the thorough testing of software releases, e.g., fault insertion/fault identification.
- Work closely with development teams to identify and address issues, improve testing processes, and maintain a high standard of product quality.
- Increase the security posture of programs by ensuring security controls are implemented and working per the ATO.
- Ensuring new software projects comply with corporate and governmental policies, and cybersecurity best practices, including the protection of sensitive information.
- Perform comprehensive testing and quality assurance to identify and resolve issues, thereby enhancing system reliability and performance.
- Support Information Owners achieving consistent application and implementation of network and system security policies, countermeasures, and procedures under development.
- Recommend risk mitigation procedures and countermeasures when a cybersecurity incident or vulnerability is discovered.
- Create, update, track, and monitor Plan of Action and Milestones (POA&Ms) from beginning through final resolution of security findings.
- Create and execute test plans for new software projects to proactively identify and resolve bugs and issues.
- Conduct comprehensive troubleshooting and root cause analysis for issues reported by end-users to enhance system reliability and performance.
Requirements:
- Clearance:
- Secret
- Education:
- Bachelor's degree in computer science or related field
- CompTIA Security+ CE or other DoD IAT II or higher-level baseline certification required is a plus
- Experience:
- 5 plus years of system security testing experience conducting information system security assessments; evaluating IA and Cybersecurity security controls; and conducting and supporting RMF activities
- Strong documentation skills with the ability to create clear and concise test plans
- Preferred Skills:
- Experience with the implementation of new IT/Business System technologies is a plus.
- Familiarity with AFI 99-103 for Capabilities-Based Test and Evaluation
- Experience with Agile Development Methodology
- Experience in developing risk mitigation strategies as part of overall testing process
- Proficiency in secure software development practices, with an emphasis on integrating security into the development lifecycle (DevSecOps)
About Copper River & The Native Village of Eyak:
Owned by the Native Village of Eyak (NVE), a federally recognized Alaska Native Tribe, the Copper River Family of Companies are a collection of entities that deliver a complementary set of solutions and services to support the diverse missions and requirements of our clients. Proud participants of the Small Business Administration's (SBA) 8(a) Business Development Program since 2006, our companies consist of both current and graduation SBA 8(a) entities. It is our collective purpose to support the Tribe and diversify the NVE's ability to facilitate economic advancement.
The income generated from our companies helps the Native Village of Eyak fund health and social services, economic development, natural resource/environmental education, jobs, job training, and other benefits to the NVE in a manner that is consistent with Alaskan Native cultural values and traditions.
Copper River's Culture
The Copper River Family of Companies has a positive, supportive, and thriving culture. At the foundation of our culture is a focus on collaboration. No matter your role or which operating company you work for, we are ONE TEAM working toward the same goals for our customers and for our collective owner- The Native Village of Eyak. How we treat each other is just as important as the work we deliver.
Benefits
- Comprehensive medical, dental, and vision coverage
- Flexible Spending Account - healthcare and dependent care
- Health Savings Account - high deductible medical plan
- Retirement 401(k) with employer match
- Open leave policy and paid holidays
- Additional benefits including tuition reimbursement, transportation expense account, employee assistance program, and more!
Note: These benefits are only applicable to full time, regular associates at Copper River.
Disclaimer:
The Copper River Family of Companies provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.