Security Controls Assessor / OSCAL (Part Time, Remote)

TestPros, Sterling, VA
$50 - $85, Remote

About The Position

TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure. This is a part-time consulting role for future projects expected to start in late 2026 or 2027. The ideal candidate will have strong hands-on experience conducting independent security control compliance assessments using guidelines from NIST (800-53, 800-171) and assessment automation via OSCAL (Open Security Controls Assessment Language). You must have security controls and OSCAL experience in both U.S. Government and Commercial environments. FedRAMP experience is a plus.

Requirements

  • Proven OSCAL experience (at least two years).
  • 5+ years of hands-on security controls assessment.
  • Experience with RegScale, Paramify, or similar tools.
  • Experience with government, public sector, or municipal IT environments is highly preferred.
  • Ability to write clear, professional, and actionable technical reports.
  • Full U.S. Citizenship.
  • Ability to pass an extensive background check.

Nice To Haves

  • FedRAMP experience.
  • Experience with NIST 800-53 based ATO assessment.
  • Experience with NIST 800-171/CMMC assessment.
  • Experience with HIPAA assessment.
  • Familiarity with U.S. Government security policy requirements.
  • Expertise with common tools such as Kali Linux, Burp Suite, Nmap, Metasploit, Nessus/Tenable, and Wireshark.

Responsibilities

  • Conduct independent security control compliance assessments using NIST (800-53, 800-171) guidelines.
  • Utilize OSCAL for assessment automation.
  • Develop Security Assessment Plan (SAP), Security Assessment Report (SAR), and Plan of Actions and Milestones (POA&M).
  • Write clear, professional, and actionable technical reports.
  • Produce a set of interoperable, extensible, machine-readable formats that supports a broad range of control-based risk management processes (XML-, JSON-, and YAML-based formats that allow for lossless translations between XML, JSON, and YAML representations).
  • Coordinate with multi-agency or cross-organizational IT teams.

Benefits

  • Medical/dental/vision insurance
  • Life insurance
  • Paid time off
  • Paid holidays
  • 401(k) retirement plan with company match
  • Opportunities for professional growth
  • Cell phone discounts