Security Control Assessor
Tyto-Athene
Description Tyto Athene is searching for a Junior Security Controls Assessor to support one of our federal customers in Washington, DC. The candidate will ensure that security requirements for information systems meet FISMA requirements. Responsibilities Support RMF steps 4 – assess, 5 – authorize, step 6 – monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual assessments, respectively Produce quality security assessment deliverables, ensuring the content of each deliverable is specific to the subject systems, complete, and accurate Develop and execute a security and privacy assessment plan for each security assessment project Create and maintain test cases for security assessment testing Perform security testing at the control‑requirement level for each unique component of each system (e.g., application, web application server, financial systems, database server/instance, operating systems, specialized appliances, network and infrastructure devices, and end‑user devices (e.g., mobile phones, laptops, etc.)) Conduct technical content review and analysis of technical reports from security vulnerability scan, penetration test, and configuration compliance scan tools with respect to the subject system’s context and environment in order to analyze the findings accurately and completely Analyze security tool reports and determine residual risk or false positives from technical reports and artifacts before assigning findings Document and provide findings and recommendations that are concise, system‑specific, and actionable Perform and document client and system‑specific risk analysis for each finding identified during each assessment in accordance with NIST SP 800‑30, the client’s risk appetite, and the client’s security policies. The results of this risk analysis shall be documented in the Security Assessment Report (SAR) for each assessed FISMA system, and a summary of the assessment results and risk shall be provided in the respective Assessment/Authorization Briefing. Qualifications Required: Bachelor’s Degree or eight years of relevant equivalent experience Minimum of 1 year of relevant experience in functional responsibility Thorough understanding and knowledge of FISMA, NIST, and SPA&A process Critical thinking Strategy development Balancing security requirements with mission needs Ability to provide an assessment of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation, and the ability to recommend corrective actions to address identified vulnerabilities Knowledge of NIST SP 800‑53, 53A Rev 5, and 800‑137 Proficiency in writing technical analysis reports Strong written and oral communication skills Legislative branch experience a plus Desired: Certified Authorization Professional (CAP) Certified in Risk and Information Systems Control (CRISC) Experience with GRC Tools such as ServiceNow, CSAM, etc. Clearance: US Citizen with Public Trust eligibility required Location: On‑site contract with Hybrid allowance in Washington DC a minimum of two days a week (Tuesday and Thursday) but can be increased based on customer needs. Compensation Compensation: Compensation is unique to each candidate and relative to the skills and experience they bring to the position. Salary for this role is between 75‑95K. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above‑stated range. Benefits Benefits: Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave. Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law. #J-18808-Ljbffr Tyto-Athene
- ...exceptional professionals for this role. Job Description The most security-conscious organizations trust Telos Corporation to protect... ...(6 years) ~5+ years of experience assessing security controls from NIST 800-53/CNSS 1253 is required ~ Experience with the...SuggestedWork experience placement
$75k - $95k
...Description Tyto Athene is seeking a Security Control Assessor (SCA) to support a federal customer in Washington, DC. The successful candidate will evaluate information systems to ensure compliance with FISMA, NIST, and agency security requirements by conducting...SuggestedRemote workWorldwideFlexible hours- ...Position Overview The Security Control Assessor must fulfill a variety of cybersecurity functions, to include: System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology...SuggestedFor contractorsWork experience placementWork at officeLocal areaWorldwide
- ...Modern Technology Solutions, Inc. (MTSI) is seeking a Security Control Assessor (SCA) to support an MTSI contract with the Assistant Secretary of the Air Force, Acquisition, Technology and Logistics. The SCA is responsible for conducting a comprehensive assessment...SuggestedContract work
- ...Security Control Assessor We are seeking an experienced Security Control Assessor to support the assessment, validation, and authorization of DoD information systems. This role requires a strong background in the Risk Management Framework (RMF) process, security control...SuggestedImmediate startFlexible hours
$155k - $165k
...we’ve described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Security Control Assessor III Responsibilities: Leads comprehensive security assessments for complex or high-impact systems. Oversees control...For contractors$120k - $135k
...Senior Security Control Assessor Cybersecurity Blu Omega is seeking a Senior Security Control Assessor to support a federal program focused on security and privacy control assessments. This role operates within a highly regulated financial environment and is responsible...Permanent employmentTemporary work$70 - $75 per hour
Apex Systems is seeking a skilled Security Control Assessor in Alexandria, Virginia. The successful candidate will evaluate, test, and validate security controls within information systems, emphasizing RMF application. Your role involves planning assessments, analyzing...Hourly payContract work- Role: Security Control Assessor (SCA), Level I Location: Arlington, VA Clearance Required: TS/SCI Polygraph: CI Position Description The SCA is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed...Contract workLocal area
$127.5k - $276.2k
Job order - J0626-1756 - Permanent Full Time Title Security Control Assessor III Category Cyber Security City Washington, District of Columbia, United States Job Description The Security Control Assessor III is the senior authority for complex security assessments across...Permanent employmentFull timeWork at officeLocal area- Benefits Competitive salary About this Role We are looking for a SME Security Control Assessor that supports security control assessment activities for HHS-ACF information systems by applying NIST security controls and frameworks to evaluate control implementation and...Work at officeLocal areaWork from homeFlexible hours
$112.5k
...Description Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires significant travel—please review the position overview below for important details. The maximum starting salary for this role is $112,500. A...Daily paidContract workLocal areaImmediate startWork from home- A defense technology company based in Arlington, VA is seeking a Security Control Assessor (SCA) II to conduct comprehensive assessments of security controls. The ideal candidate will have 9-12 years of experience in IS security, familiarity with the Risk Management Framework...
$112.5k
Leidos is hiring mid to senior-level Security Control Assessors in Bethesda, MD. This position involves significant travel for cybersecurity assessments, with up to 85% of time dedicated to travel assignments. Key qualifications include an active Top Secret clearance and...- ...401K, an Employee Stock Purchase Plan (ESPP) through Tetra Tech, and more! Responsibilities Execute all phases of cyber security and privacy control assessment support Required Qualifications Masters Degree in a Technical or Cyber-related Field 7+ years of Relevant Cybersecurity...
$85k
POSITION OVERVIEW Leidos is seeking multiple Security Control Assessors to join our SCA team. This role requires significant travel (approximately 85% of time) and will conduct Security Control Assessments at various government sites. Travel may be domestic or international...Daily paidLocal areaWork from home- OneZero Solutions is seeking a Security Control Assessor (Mid/Senior) to join our team in Washington, DC. This role involves assessing security controls, documenting findings, and recommending corrective actions within the National Capital Region. The ideal candidate will...
- Tyto-Athene is seeking a Junior Security Controls Assessor in Washington, DC, to support federal customers. Responsibilities include conducting security assessments and analysis, producing deliverables, and ensuring compliance with FISMA. The ideal candidate will have...
- OneZero Solutions is seeking a DHS Security Control Assessor III to conduct independent assessments and evaluate security controls within various DHS systems. The ideal candidate will have over 10 years of experience in this role and expertise in security frameworks like...
- ...employee referral program, and educational assistance. Additional details are available on our website: Position Title Security Control Assessor (Mid/Senior) Location On‑site in a SCIF in the National Capital Region (NCR) - Nebraska Avenue Complex, Washington, DC (work...Full timeWork experience placementLocal areaRemote work
- CGI Njoyn is seeking a Security Control Assessor III in Washington, D.C. This role involves leading security control assessments, ensuring robust compliance with NIST standards, and evaluating the security of AI models. The ideal candidate has a bachelor's degree in Cybersecurity...
- ...Job Description We are seeking a highly skilled Security Control Assessor (SCA) to support independent cybersecurity assessments of systems in accordance with the Risk Management Framework (RMF). This role is responsible for evaluating the implementation and effectiveness...2 days per week
$87k - $198k
...Security Control Assessor and System Certification Specialist, Senior The Opportunity: Function as a Senior System Certification Specialist or Security Control Assessor as part of a team in the performance of Assessment and Authorization (A&A) activities ensuring...Full timeContract workPart timeLocal areaRemote work- TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role...Work experience placement
$69.92k - $133.62k
...USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and... ...are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures...Hourly payH1bLocal areaRemote workRelocationAfternoon shift- ...Industries (FPI). Our depth of experience allows us to provide IT security support for a wide range of IT General Support Systems (GSS)... ...the effectiveness of current security measures. IT Security Control Assessor needs to possess the following skills: 5+ years of...Contract workWork experience placementWork at office
- Nxtkey-Corporation is seeking an Information System Security Analyst to deliver IT security support for federal government clients, focusing... ...will have over 5 years of experience with NIST 800-53 controls and hold an active Public Trust Clearance. You will perform security...
- ...Third Party Cyber Assessor Denver, Colorado;Washington, District of Columbia; Chicago... ...responsible for performing information security reviews of third parties that provide services... ...to determine if information security controls are in place and documenting the...Work at officeFlexible hoursShift workDay shift
- NXTKEY CORPORATION is seeking an Information System Security Analyst in Washington, DC. The role includes responsibilities for conducting assessments, vulnerability scanning, and implementing security measures in compliance with federal standards. The ideal candidate must...
$95k - $143.6k
Position Summary: This job is responsible for performing information security reviews of third parties that provide services to the bank. Key... ..., during an assessment to determine if information security controls are in place and documenting the controls in assessment...Shift workDay shift
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Control Assessor. Be the first to apply!


