Title:

Security Controls Assessor (SCA) Representative

KBR is seeking a Security Controls Assessor (SCA) Representative in Colorado Springs, CO area. The individual will directly support the United States Space Force (USSF) Risk Management Framework, Cybersecurity Framework (RMF, CSF) compliance activities to ensure security controls are defined, implemented, and assessed for complex multi-level security architectures of advanced aerospace systems.

Responsibilities:

Conducts independent comprehensive assessments of the management, operational, and technical security controls, and control enhancements implementation within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37). Applies RMF/CSF principles to the development of integrated weapon systems. Conducts assessment and authorization (A&A) events to support recommendations to the USSF Special Access Program/Special Access Required (SAP/SAR) Authorizing Official (USSF SAP AO) based on requirements, security impact levels and projected/current operational environment. Develops Security Assessment Report to support Authorization to Operate decisions. Full-time job with frequent US travel required.

Required Qualifications:

• Prior experience as a SAP SCA or SAP SCA Representative

• Ability to travel 40%-70%

• 10+ years of Linux experience in implementation/principles/administration

• Strong knowledge of RMF/CSF process activities and related documentation (e.g., life-cycle support plans, concept of operations, and operational procedures) to confirm the level of risk is within acceptable limits

• Demonstrated ability perform cybersecurity assessments, identify gaps in cybersecurity architecture, and develop a security risk management plan that articulates risk to both technical and non-technical audiences

• Ability to ensure Body of Evidence (BoE) artifacts such as plans of actions and milestones and cybersecurity plans are in place for vulnerabilities/deficiencies identified during risk assessments, audits, inspections, etc.

• Demonstrated history finding unique mitigations to varied systems’ cybersecurity challenges to assess the effectiveness of security controls

• Demonstrated technical proficiency in at least two of the following areas of security: communications, networks, embedded systems, software, system testing or assessment, etc.

• Strong written and oral communication skills to support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs)

• Ability to verify software/network/system security postures are implemented within a DevSecOps process, agile methodology and continuous integration/continuous delivery (CI/CD) pipeline to ensure cybersecurity requirements are included in early during development

• Demonstrated ability to develop methods to monitor and measure risk, compliance, and information assurance efforts

• Certified Information System Security Professional (CISSP)

• Security Clearance Requirements: Must have an active TS/SCI and eligible for SAP/SAR

  Desired Qualifications:

• Bachelors or Masters degree in related discipline

• Certified Cloud Security Professional (CCSP)

• Certified Cybersecurity Analyst (CYSA+)

• AWS or other cloud technology security certification

Basic Compensation: $136- 195k

The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity.

Benefits:

KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.