This position requires office presence of a minimum of 5 days per week and is only located at customer's site. No relocation is offered.

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers’ mission.

Our team supports the federal government leveraging the Enterprise Infrastructure Solutions (EIS) contract vehicle providing multiple and diverse solutions to streamline, simplify, reuse, rebuild, modernize, or enhance the government’s network. This includes professional services, design, engineering, system architecture, installation, monitoring, solutioning, etc. Our customers are widespread agencies in the public sector and intelligence communities.

AT&T has an opening for an Independent Accessor to support the Department of State in Washington, D.C. on a 10-year contract charged with performing independent Security Control Assessments (SCA) of all networks under the customers purview inclusive of Unclassified, Secret, & TS/SCI, etc.) The role is inclusive of reviews of all existing security system documentation, system security plans, current Plan of Action & Milestone (POA&M) and Contingency Plan (CP) while utilizing the automated scanning tools to ensure existing applicable policies and standards currently being used are within the Risk Management Framework (RMF) for National Security Systems. Candidate will be responsible for General Support Systems (GSS), major applications, minor applications, cross domain solutions and cloud instance. Expectations include not only maintaining but to improve, make professional recommendations to improve systems by ensuring confidentiality, integrity, and availability of the Bureau’s systems and network infrasturers.

Job Duties/Responsibilities:

Maintain the current systems while assessing areas of immediate improvement, short-term improvement, and long-term improvement.

Use XACTA or other methods deemed viable

Perform on-going/constant compliance and vulnerability scanning

Generate & articulate presentable findings for all levels of management, inclusive of Senior Government Officials and/or stakeholders

Maintain staffing strategy and approach providing the government with appropriately cleared IT security professionals where needed in SCA’s functions

Manage and maintain all systems which shall comply with Intelligence Community Directives (ICDs) and Standards (ICS), DOD and DOS compliance.

Create, maintain and provide a project plan to ensure a repeatable process for assessing systems and delivering standardized deliverable documentation

Must operate in a manner consistent with the Committee on National Security Systems (CNSSI) Instruction 1254, Risk Management Framework Documentation, Data Element Standards, and Reciprocity Process for National Security Systems (NSS), dated 8/31/2016 and ensure compliance with all appropriate Intelligence Community; National Institute of Standards and Technology (NIST); and Department of State policies, directives, and guidelines to include Intelligence Community Directives (ICD) and Standards (ICS).

Make recommendations regarding opportunities to enhance the security posture of all Department systems.

Ensure security is thoroughly incorporated into requirements, design, implementation, deployment, and operations and maintenance (O&M) of the agencies boundary and associated information system components.

Provide kick off meetings, using power point, create timelines, define actions being performed and make assignments.

Validate security controls to assure compliance

Serve as security knowledge expert as it pertains to confidentiality, integrity, and availability

Conduct evaluations, verification and analysis review of COTS/GOTS hardware/software for security flaws

Perform all applicable Compliance scans using the most current DOD Security Technical Implementation Guides (STIGs) and generate a clear concise report.

Perform all applicable Vulnerability Scans and generate a usable, clear, and concise report which could be used for senior level government management

Maintain and advanced familiarity with applicable STIGs, industry best practices and/or vendor specific practices for ensuring secure configurations – stay up to date with new technologies, including educating and briefing on new technological advancements.

Support testing environments well ahead of schedule for new technologies to be on the latest innovations with forward thinking and strategic future proofing.

Develop a Security Assessment Report (SAR) to be presented to Senior Leadership and Stakeholders – providing information on potential risks and solutions well in advance to assist with budgetary planning and implementation planning or testing.

Provide Weekly Status Report (WAR)

Ensure time off/PTO is updated and communicated at all times of staff members

Transition plan creation, submission, and performance

Comprehensive understanding of Cyber Security posture of the bureau

Maintain billable hours, provide burn rate reports, adhere to schedules

Required Clearance:

TS/SCI (#tssci)

Required Qualifications:

• Bachelors Degree in a field such as Information Systems, Computer Science, Engineering, Management Information’s Systems or related technical field AND 10+ years providing independent risk analysis, determining assessment criteria, and documented recommendations which became standard and/or actionable.
• Minimum 7+ years experience as a Security Control Assessor and/or related field
• Comprehensive knowledge of NIST 800 series, CNSSI, ICD’S, ICS’s, RMF and Operation Vulcan Logic (OVL).
• Expert knowledge of Cyber Security best practices
• Expert experience with authoritative risk determinations and recommendations critical for the Authorizing Official (AO) to grant an Authority to Operation (ATO).
• Evidence of independent risk assessments of assigned systems and an authorization recommendation
• Current active security certification – CISSP, CISA, CISM
• Other professional certifications a plus

Desired Qualifications:

• Strong client focus
• Strong presentation skills
• Ability to proactively network and establish relationships
• Be able to work in an office environment with other contractors and balance those relationships

Our Senior Security Control Accessor's earn between $98,100 - $235,000. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone

Weekly Hours:

40

Time Type:

Regular

Location:

Chantilly, Virginia

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.