Security Control Assessor (SCA) I

GD Information Technology, Palmdale, CA
Onsite

About The Position

The Security Control Assessor (SCA) is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an Information System (IS) to determine the overall effectiveness of the controls. This includes evaluating if controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. SCAs also provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities. Responsibilities will cover Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities within the customer’s area of responsibility. The role involves performing oversight of the development, implementation, and evaluation of IS security program policy, with special emphasis on the integration of existing SAP network infrastructure. The SCA will perform assessments of ISs based upon the Risk Management Framework (RMF) methodology in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG). They will advise the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues, and evaluate Authorization packages, making recommendations to the AO and/or DAO for authorization. The SCA will evaluate IS threats and vulnerabilities to determine whether additional safeguards are required and advise the Government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system. 
The SCA will ensure security assessments are completed and results documented, prepare the Security Assessment Report (SAR) for the Authorization boundary, and initiate a Plan of Action and Milestones (POA&M) with identified weaknesses for each Authorization boundary assessed, based on findings and recommendations from the SAR. They will evaluate security assessment documentation and provide written recommendations for security authorization to the Government, discuss recommendations for authorization, and submit the security authorization package to the AO/DAO. The SCA will assess proposed changes to Authorization boundaries operating environment and mission needs to determine the continuation to operate, review and concur with all sanitization and clearing procedures in accordance with Government guidance and/or policy, and assist the Government with compliance inspections and security incidents that relate to cybersecurity, ensuring proper and corrective measures have been taken. The role also involves ensuring organizations are addressing and conducting all phases of the system development life cycle (SDLC), evaluating hardware and software to determine security impact on Authorization boundaries, and evaluating the effectiveness and implementation of Continuous Monitoring Plans. The SCA will represent the customer on inspection teams.

Requirements

  • Top Secret/SCI clearance must be currently possessed.
  • Must be able to obtain Top Secret SCI + Polygraph.
  • 5+ years of related experience.
  • Minimum of three (3) years’ experience in SAP, SCI or Collateral Information Systems (IS) Security and the implementation of regulations.
  • Prior performance in the role of ISSO and ISSM.
  • Bachelor’s degree in a related discipline OR Associate’s degree in a related area + 2 years’ experience OR equivalent experience (4 years).
  • IAT Level 3 (CISSP, CASP+ CE, CCNP Security, CISA, etc.) or IAM Level 1 certification required within 6 months of hire.
  • Must be willing to submit to a CI polygraph.
  • Must be able to regularly lift 50 lbs.

Nice To Haves

  • Information Security
  • Information Systems
  • Risk Mitigation Strategies
  • System Security

Responsibilities

  • Conduct comprehensive assessments of management, operational, and technical security controls.
  • Determine the overall effectiveness of security controls.
  • Assess the severity of weaknesses or deficiencies and recommend corrective actions.
  • Perform oversight of IS security program policy development, implementation, and evaluation.
  • Perform assessment of ISs based on the Risk Management Framework (RMF) methodology and JSIG.
  • Advise ISO, IDO, PSO, and DAO/AO on assessment and authorization issues.
  • Evaluate Authorization packages and make recommendations for authorization.
  • Evaluate IS threats and vulnerabilities to determine if additional safeguards are required.
  • Advise the Government on impact levels for Confidentiality, Integrity, and Availability.
  • Ensure security assessments are completed, results documented, and prepare the Security Assessment Report (SAR).
  • Initiate a Plan of Action and Milestones (POA&M) for identified weaknesses.
  • Evaluate security assessment documentation and provide written recommendations for security authorization.
  • Discuss recommendations for authorization and submit security authorization packages.
  • Assess proposed changes to Authorization boundaries and determine continuation to operate.
  • Review and concur with sanitization and clearing procedures.
  • Assist the Government with compliance inspections.
  • Assist the Government with cybersecurity-related security incidents and ensure corrective measures are taken.
  • Ensure organizations address all phases of the system development life cycle (SDLC).
  • Evaluate hardware and software for security impact on Authorization boundaries.
  • Evaluate the effectiveness and implementation of Continuous Monitoring Plans.
  • Represent the customer on inspection teams.

Benefits

  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology
  • Extra paid vacation and holidays
  • Variety of medical plan options
  • Dental plan options
  • Vision plan
  • Ability to contribute both pre and post-tax dollars to 401(k)
  • Full flex work weeks where possible
  • Variety of paid time off plans, including vacation, sick and personal time
  • Paid parental, military, bereavement and jury duty leave
  • Short and long-term disability benefits
  • Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance