Information Assurance Security Specialist (Control Assessor)

Supports DHA cybersecurity compliance by assessing security controls, validating evidence, and maintaining authorization artifacts for DDSB systems. This role focuses on Risk Management Framework (RMF (Risk Management Framework) support, audit readiness, and defensible documentation.

Key Tasks & Responsibilities

• Assess and validate implementation of security controls using applicable RMF requirements, CNSSI 1253 control sets, assessment procedures from NIST SP 800-53A with DoD-specific assignment values, overlays, and implementation guidance.
• Plan, execute, and document security control assessments, including interviews, artifact/evidence review, and test result validation supporting authorization decisions and risk acceptance determinations.
• Track and report status of major deliverables, including Risk Assessments, Risk Acceptance, accreditation & authorization efforts (A&A), Control Correlation Identifier (CCI) completion, and Plans of Action and Milestones
• Recommend corrective actions and process improvements; maintain accuracy and timeliness of assessment inputs to eMASS (Enterprise Mission Assurance Support Services) and other accreditation requirements.
• Validate evidence of authorization in required security documentation (e.g., System Security Plan, Security Assessment Report, POA&M (Plan of Actions & Milestones), authorization decision documentation) and support audit readiness for FISMA (Federal Information Security Modernization Act) security control testing.
• Review and evaluate the effects of security system changes, including interfaces with other Information Systems, document assessment impacts and required updates to authorization artifacts.
• Support reciprocity by providing directed information in NIST security documents to Government stakeholders.
• Support continuous monitoring by reviewing and updating system assets and security artifacts as part of the Continuous Monitoring process and Annual Review process.
• Coordinate with system owners, engineers, and cybersecurity teams to validate remediation actions and closure evidence for assessment findings.

Education & Experience

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Data Science, Engineering, Mathematics, or a closely related discipline or equivalent practical experience (as permitted by the contract).
• Minimum 4 years of relevant experience supporting enterprise IT environments, with demonstrated work aligned to Information Assurance.

Certifications

• At least one: CGRC/CAP, CASP+, Cloud+, PenTest+, Security+, or GSEC.
• Alternate/equivalent certifications may be accepted with Government approval.
• Preferred/Work-center dependent: Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate.

Security Clearance

• Must be able to obtain and maintain Public Trust suitability and all required system access (e.g., CAC-enabled accounts) to perform duties.

Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)

• Work is primarily on-site in San Antonio, TX; limited remote work may be allowed when authorized by the Government and mission requirements permit. Work may require after-hours, weekend, and/or on-call support as directed, including support during scheduled maintenance windows, high-impact incidents, vulnerability response actions, inspections, and surge periods.
• This position is aligned to applicable DoD Manual 8140.03 work role 612 (NIST: SP-RM-002); contractor personnel must meet DoD 8570.01-M baseline certification requirements and transition to DoD Manual 8140.03 work role requirements, including required training, knowledge, skills, abilities, and tasks, within Government-directed timelines.

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected] .

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.