Security Control Assessor

Lynch Consultants | Arlington, VA
7d | $95,000 | Hybrid

About The Position

Lynch Consultants is seeking a motivated and experienced Security Control Assessor to join our team, manage IT security governance and contract compliance, and achieve ATO for Commercially available Off the Shelf (COTS) systems within a federal agency. The ideal candidate will be well-versed in NIST standards, FISMA, and FedRAMP, and will ensure contract deliverables meet quality and regulatory requirements.

Work Location and Schedule: This position is a Hybrid role with 3 days on-site in Arlington, VA and 2 days remote.

Salary: Up to $95,000

Requirements

  • MUST be a U.S. Citizen
  • MUST have a BA/BS degree
  • MUST be located in the D.C. Metropolitan/DMV area
  • MUST be eligible to obtain a Public Trust Clearance
  • MUST have demonstrated knowledge of NIST SP 800-53, FIPS 199/200, SP 800-37, and related guidelines.
  • MUST have a strong understanding of contract governance and execution within federal/regulatory contexts.
  • MUST have proven leadership in security ATOs for federal systems under RMF/NIST frameworks.
  • MUST have familiarity with FedRAMP

Nice To Haves

  • Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), or equivalent.
  • Prior experience in federal contractor roles with audit and regulatory oversight.
  • Knowledge of additional frameworks (e.g., DoD RMF, CMMC)

Responsibilities

  • Guide systems through the Authorization to Operate (ATO) process, aligned with NIST Risk Management Framework (800‑37), including system categorization, control selection, testing, documentation, and authorization.
  • Engage with Authorizing Officials (AOs), Information System Security Officers (ISSOs), and your team to prepare key packages (SSPP, POA&M) and achieve successful ATO.
  • Ensure implementation of NIST SP 800‑53 controls; align with FIPS 199/200 for system impact levels.
  • Maintain FISMA compliance: support annual reviews, continuous monitoring, and reporting per FISMA 2014 definitions.
  • Ensure adherence to FedRAMP requirements.
  • Oversee contract execution: ensure deliverables meet scope, schedule, and quality metrics.
  • Implement governance processes: track deliverables, manage risk, coordinate audits, and support inspections.
  • Facilitate collaboration among stakeholders—technical teams, compliance officers, and agency leaders—to resolve issues and maintain contract integrity.
  • Establish and manage ongoing security monitoring aligned with FISMA mandates.
  • Track corrective actions through Plans of Action & Milestones (POA&M), ensuring risk is mitigated and remediations are enacted.
  • Provide regular status reports to agency stakeholders and compliance authorities.
  • Train internal staff and agency personnel on security protocols, compliance obligations, and ATO processes.

Benefits

  • Competitive compensation package
  • Employer-supported 401(k)
  • World-class health benefits
  • Paid vacation and holidays
  • Programs that support your well-being
  • Professional development and training opportunities
  • Coaching, mentorship, and career flexibility
  • The chance to work on meaningful projects that impact national security, healthcare, veterans, and families across the U.S.