Security Controls Assessor

About The Position

Requirements

• US Citizenship is required for this role.
• Bachelor’s degree in cybersecurity, computer science, information systems, or a related field.
• 5+ years of hands-on experience in cybersecurity, audit, or compliance, with specialized focus on RMF and NIST 800-series publications.
• Deep understanding of statutory guidance such as NIST SP 800-53, NIST SP 800-53A, and FISMA.
• Industry-recognized credentials such as the Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Authorization Professional (CAP).
• This role requires a Federal background investigation.
• A current or prior DHS suitability is highly preferred.

Responsibilities

• Plan and execute comprehensive security control assessments in accordance with frameworks like the Risk Management Framework (RMF) and FISMA.
• Review system configurations, evaluate evidence, and perform technical testing (e.g., vulnerability scanning) to validate security posture.
• Compile assessment results into Security Assessment Reports (SARs) and generate risk determinations for Authorizing Officials (AOs).
• Identify control weaknesses and support the development of Plans of Action and Milestones (POA&Ms).
• Guide junior assessors, review deliverables, and coordinate assessment activities with ISSOs, system owners, and stakeholders.

Benefits

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
• Group Term Life, Short-Term Disability, Long-Term Disability
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
• Participation in the Discretionary Time Off (DTO) Program
• 11 Paid Holidays Annually