Cybersecurity Service Provider (CSSP) Auditor ECND044
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
Some of the positions are future positions. Please look at the opening line of the job description to determine if this is an open or future position.
Our positions are not remote unless stated in the job description below.
We are looking to fill this position at the following location(s):
- Washington, DC
Cybersecurity Service Provider (CSSP) Auditor:
Seeking an Auditor skilled in cybersecurity and cyberspace defense processes, procedures, and governance. The candidate shall conduct internal and onsite assessments of CSSPs and provide compliance mitigation and/or remediation recommendations in all cybersecurity activity areas by reviewing policies, procedures, and metric reports to compare against the current Evaluator Scoring Metrics (ESM) IAW DODI-8530.01 and ICD 502. The contractor shall develop and maintain IC ESM net worthiness metrics/requirements to verify compliance with security, interoperability, supportability, sustainability, and usability regulations, guidelines, and policies.
Skill Level 4:
Skills and Tasks: Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks.
Leadership/Management: May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues.
Guidance: Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion.
Conducting global CSSP cybersecurity services and activities implementation assessments to improve services and standards.
Conduct internal assessments of CSSP cybersecurity services and activities implementation.
Coordinate remediation of customer internal assessment findings with responsible support offices to ensure mitigation.
Provide monthly Plan Of Action and Milestones (POAM) metrics for internal assessments .
Perform security assessments at remote government and contractor sites
Education and Experience:
HS/GED + 12 years
Associates Degree + 10 years
Bachelor’s Degree + 8 years
Master’s Degree + 6 years
PhD + 4 years
Training and Certifications:
IAT Level 2
TS/SCI with CI poly