
Security Authorization Process/FISMA Project Control Specialist


TestPros is looking for a SAP/FISMA Project Control Specialist with outstanding technical skills who shares our passion for results and customer success. In return, we offer challenging and exciting work environments and competitive compensation packages. This position will support an agency-level information assurance and configuration management program. The program provides services to enterprise systems engineering environments across the country. The Project Control Specialist’s functional service areas of responsibility include DHS Security Authorization Process (SAP) and Federal Information Security Management Act (FISMA) compliance for 40+ automated information systems and networks.

More information on TestPros is available at  

Position Requirements:

  • Reports to the Project Manager and IA Project Officers for each functional area
  • Supervises, trains, and mentors Information Assurance (IA) Security Engineers and Analysts and other IA support personnel, ensuring that they have the proper training to function at a high level
  • Provides personnel management, performance goal identification, and prepares performance reviews
  • Coordinates with the Project Manager and IA Project Officers to ensure quality of service deliverables and prompt resolution of identified problems or weaknesses to ensure project performance
  • Provides and briefs a monthly progress report to the Contracting Officer’s Representative concerning status of initiatives and day-to-day tasking, staff training, and actual performance compared to established quantitative and qualitative standards
  • Tracks and maintains functional area hardware and software (tool) baselines for assets required to support the functional services
  • Responds to ad hoc IA data calls
  • Provides leadership, management, planning, scheduling, coordination, and collaboration of the following Security Authorization Process (SAP) and FISMA Continuous Monitoring team’s services and activities:
    • Manage and perform Alternate Information Systems Security Officer functions for supported systems as part of continuous monitoring and interface with business systems throughout the security authorization life cycle to evaluate and identify appropriate mitigation strategies to bring systems into compliance with established policy and industry guidelines
    • Identify unique system characteristics; interview key organizational personnel; work with business systems to compose requisite documentation; and map complex technical requirements, functionality, and capabilities to prescribed security controls, policies, and practices
    • Create and close business system Plan of Action and Milestones (POA&M)
    • Perform business systems self-assessments in accordance with the supplied DHS Performance Plan
    • Interface with business system technical and nontechnical staff during self-assessments and POA&M mitigation efforts
    • Conduct security reviews of system configuration management documents to determine security posture of the system to which they pertain as well as the security impacts to the interconnected systems or enterprise
    • Assess and review technology infrastructure to identify key risk areas and ensure adequate levels of control are in place to address those risks
    • Conduct security testing and evaluation of system security controls implementation
    • Provide detailed reports including data, analyses, and conclusions upon completion of tests, scans, and assessments, including mitigations and, if indicated, appropriate escalation of identified risks and vulnerabilities.
    • Lead/Participate in system/security policy and standards development, including writing guidelines, standards, procedures, and other technical documentation
  • Ensures work is accomplished within schedule and budget
  • Provides After Action Reports (AAR) for any events with lessons learned and recommendations
  • Continuously evaluates evolving DHS and DoD requirements and ensures compliance across functional areas
  • Maintains currency of their own and the project team’s knowledge on the latest security requirements, security engineering techniques and technologies
  • Collaborates with peers to identify process improvement opportunities and business process alignment to provide the best value to the government
  • Must obtain and maintain a professional certification in accordance with the Department of Defense 8570.01M, Information Assurance Workforce Improvement Program within six (6) months of being hired to the position 
  • Must be certified at, or above, Information Assurance Manager (IAM) Level II; must have at least one of the following certifications:
    • GIAC Security Leadership Certificate (GSLC)
    • Certification and Accreditation Professional (CAP)
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Security Professional (CISSP), or Associate
    • CompTIA Advanced Security Practitioner (CASP)
  • Must have direct experience relating to the following policies and mandates:
    • Office of Management and Budget (OMB) Circular A130, Appendix III: Security of Federal
      Automated Information Resources
    • Management of Federal Information Resources and Federal Information Security Management Act (FISMA)
    • DHS Sensitive Systems Policy Directive 4300A
    • Commandant Instruction (COMDTINST) M5500.13 for IA
    • Executive Order (EO) 12958
    • DHS 4300B
    • Department of Defense Instruction (DODI) 8510.01 DoD Information Assurance Certification and
      Accreditation Process (DIACAP)
    • National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 (current
  • Demonstrated experience in financial systems management
  • Four (4) or more years of direct experience in an IT/Service Management environment including hands-on experience in the areas of information assurance, certification and accreditation, and project management
  • Three (3) or more years of experience managing and administering IA services, tasks, or projects, including supervision of multidisciplinary IA project teams
  • Background in IT/Service Management frameworks and methodologies strongly preferred (e.g., ITIL, CMMI, ISO)
  • Strong project management, interpersonal, writing, and presentation skills
  • Must be a US Citizen & possess an Active DHS Clearance
  • 4-year college degree


TestPros offers competitive salary, medical/dental/vision insurance, life insurance, 3 weeks of paid vacation, 2 weeks of paid holidays, education/training and professional certifications, 401(k) retirement plan with up to 4% company match, opportunities for professional growth and much more! All benefits are per TestPros' current policies and are subject to change without notice. Benefits are available to full-time employees only. TestPros is an Equal Opportunity Employer.

For more information or to submit your resume, please "Apply Now" or email  
