About The Position

Avint is seeking a highly motivated Journeyman Security Controls Assessor (SCA) in support of a critical federal contract. The Journeyman SCA is a mid-level professional responsible for executing standard security control assessments, evaluations, and compliance verifications across organizational information systems. Operating as a core member of the cybersecurity assurance team, this role focuses on testing technical, operational, and management controls to ensure alignment with regulatory requirements and security policies. The mid-level SCA works under the general supervision of and receives technical guidance from senior SCAs, contributing directly to the organization’s Risk Management Framework (RMF) and Security Assessment and Authorization (A&A) lifecycles.

Requirements

  • Bachelor’s degree (BS/BA) OR equivalent professional experience
  • Security+ or higher
  • Minimum of 6-8 years of dedicated experience in cybersecurity, information assurance, or IT auditing.
  • At least six (6) years of dedicated experience performing hands-on security controls assessments of systems of moderate complexity (C2 & C3) with capability of supporting C4 assessments.
  • Must be a U.S. citizen (no dual citizenship).
  • Ability to pass a background investigation.
  • Able to obtain and maintain DHS Suitability/Entry on Duty (EOD).
  • Strong attention to detail and organized documentation habits.
  • Good analytical and troubleshooting abilities.
  • Professional verbal and written communication skills, with an ability to collaborate effectively across technical boundaries.
  • Solid working knowledge of security control frameworks (specifically NIST SP 800-53, NIST SP 800-37, and NIST SP 800-171).
  • Familiarity with cloud security concepts (AWS, Azure, Google Cloud) and cloud compliance frameworks (FedRAMP).
  • Knowledge of operating system security, network protocols, access control mechanisms, and vulnerability management tools.

Responsibilities

  • Conduct security control assessments of information systems using interview, examination, and testing methods.
  • Verify compliance with established frameworks such as NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational requirements.
  • Analyze system architectures, network diagrams, configuration settings, and policies to identify vulnerabilities and compliance gaps.
  • Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing reports to validate the implementation of technical controls.
  • Document detailed testing results and draft sections of the Security Assessment Report (SAR), ensuring clear explanations of non-compliant findings.
  • Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms.
  • Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies.
  • Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy.
  • Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques.
  • Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle.
  • Participate in the development and refinement of enterprise information security policies, standards, and guidelines.

Benefits

  • Competitive salaries
  • Full health insurance
  • Generous time off
  • Observation of federal holidays
  • Reimbursement for courses, exams, and tuition
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service