Sr. Security Control Assessor II (6398)
About The Position
As Sr. Security Control Assessor II , you’ll provide independent validation of security control effectiveness across mission-critical information systems with the goal of making a measurable impact across the federal government. Our Cybersecurity Assessment & Authorization team is responsible for ensuring federal systems meet rigorous security and compliance standards, and you’ll play a key role in enabling risk-informed authorization decisions through objective evidence, disciplined assessment practices, and alignment to federal cybersecurity frameworks. We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers. If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!
Requirements
- Active Top Secret security clearance with SCI eligibility required.
- 7+ years of direct experience in cybersecurity with a strong focus on assessment and authorization activities.
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related technical field is strongly preferred. Relevant experience may substitute for education requirements.
- Possess DoD 8140 certification aligned to the 612 Security Control Assessor work role, such as Security+, SSCP, CAP, CASP+, CISSP, CISA, GSLC, or CISSP-ISSEP.
- Demonstrated experience conducting independent assessments of management, operational, and technical security controls and enhancements.
- Proven expertise assessing control effectiveness in accordance with NIST 800-37, including evaluation of inherited and system-specific controls.
- Hands-on experience drafting security assessment reports and providing remediation recommendations.
- Operational experience supporting system authorization activities, including security assessments, risk determination, and reporting of findings.
- Ability to contribute immediately with minimal ramp-up in a mission-critical operational environment.
- Required technical certifications include CAP or CISA.
Responsibilities
- Conduct independent assessments of management, operational, and technical security controls and control enhancements
- Evaluate control implementation and effectiveness against NIST 800-53, NIST 800-37, and Risk Management Framework requirements
- Review security documentation, artifacts, and evidence supporting authorization decisions
- Coordinate assessment activities with Information Systems Security Managers, Information Systems Security Officers, and system owners while maintaining assessor independence
- Document assessment findings, risks, and recommendations clearly and objectively
- Support initial authorization, reauthorization, and continuous monitoring assessments
- Brief assessment results, risk posture, and recommendations to Government Authorizing Officials, Security Control Assessors, and program leadership
- Maintain strict independence, objectivity, and professional judgment throughout assessment activities
Benefits
- Health, dental, and vision insurance
- 401(k) retirement plan with company match
- Paid time off (PTO) and holidays
- Parental Leave and dependent care
- Flexible work arrangements
- Professional development opportunities
- Employee assistance and wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
