Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Security Control Assessor (SCA)

Novul Solutions

Job Description
We are seeking an experienced Security Control Assessor to support the assessment, validation, and authorization of DoD information systems. This role requires a strong background in the Risk Management Framework (RMF) process, security control assessment, and cybersecurity compliance. The ideal candidate will be skilled in evaluating how security controls are implemented, measuring their resilience and reliability, and determining how changes in operational or environmental conditions may affect system security.


Key Responsibilities:

  • Conduct in-depth security control assessments for DoD information systems in accordance with NIST SP 800-53, NIST SP 800-37, DoD RMF, and JSIG requirements.
  • Communicate government-approved mitigation and remediation guidance to system owners in support of the RMF process.
  • Assess and validate the implementation of security controls, including how they support system resilience, reliability, and overall cybersecurity posture.
  • Apply and interpret the Confidentiality, Integrity, and Availability (CIA) triad and related categorization impact levels (High, Moderate, Low) for assigned systems and programs.
  • Validate inherited security controls from hosted, interconnected, or external systems.
  • Evaluate program compliance with controls related to Ports, Protocols, and Services (PP&S), including proper handling, management, and review of log files.
  • Lead the review, preparation, and quality assurance of Authorization to Operate (ATO) packages and supporting documentation.
  • Identify control gaps, document findings, and provide actionable recommendations for remediation.
  • Coordinate with stakeholders, system owners, engineers, and cybersecurity teams to ensure security requirements are properly addressed.
  • Support assessment activities, artifact reviews, interviews, and technical validations required for authorization decisions.
Requirements
  • 8+ years of experience in cybersecurity.
  • 5+ years of experience in Certification and Accreditation (C&A), Assessment and Authorization (A&A), or closely related cybersecurity compliance functions.
  • Demonstrated expertise with the Risk Management Framework (RMF).
  • Strong knowledge of NIST SP 800-37, NIST SP 800-53, and CNSSI 1253.
  • Experience supporting DoD security authorization efforts and control validation activities.
  • Proven ability to review and assess system security documentation for completeness and accuracy.
  • Previous leadership or team lead experience.
  • Strong written and verbal communication skills, with the ability to explain assessment findings and remediation actions to technical and non-technical stakeholders.
  • Bachelor's Degree required.
Benefits
Core Benefits:
  • Paid Time OffPTO):TEN (10) Paid days off & FIVE (5) Floating days off.
  • Holidays: 11 Paid Holidays. Flex time can be utilized instead of holiday time usage.
  • Payroll: Paid Bi-Monthly.
  • 401(k): Partnered with the SECOND LARGEST Retirement plan provider in the U.S. Guaranteed 3% match. Eligibility - 21 years of age or older, after 3 months of employment
  • Individual or company-wide performance and recognition awards (Quarterly
Health Benefits:
  • UNITED HEALTHCARE PPO, extensive national coverage.
  • INCLUDES: Medical/Dental/Vision/HSA.
  • Eligible on the first of the month, immediately after the start date.
  • Submit the enrollment form within 30 days of your start date otherwise, you will have to wait until October for the new year enrollment.
Quality of Life Benefits:
  • Training & Career Development Reimbursement of Tuition and training needed to support career development.
  • $150 monthly reimbursement contribution paid monthly towards parking expenses.
  • Receipts must be submitted by the close of business on the 25th of each month.
  • Reimbursements will be paid on the first payroll AFTER reimbursements are submitted each month.
Special Benefits:
  • Performance bonus - Project-based
  • Yearly bonus - Company based
Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the Security Control Assessor (SCA) in Arlington, VA vacancy
  •  ...Security Control Assessor (SCA) We are seeking a meticulous and detail-oriented Security Control Assessor (SCA) to join our team and ensure that our information systems meet the highest standards of security and compliance. In this role, you will be responsible for... 
    Suggested

    Cymertek

    McLean, VA
    3 days ago
  • $140k - $210k

     ...Overview VTG is looking for multiple levels (Level 2, 3 & 4) of a Security Control Assessor (SCA) in multiple locations. (Note: position is contingent upon program award and the postions are located in Chantilly VA, Auroro CO, Springfield VA, Las Cruces NM, & LAAFB.)... 
    Suggested
    For contractors
    Work experience placement

    VTG

    Springfield, VA
    4 days ago
  •  ...Security Control Assessor (SCA) LOCATION Tysons, VA 22182 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail-oriented **Security Control Assessor (SCA)** to join... 
    Suggested
    Temporary work
    For contractors
    Immediate start
    Flexible hours

    Cymertek

    Vienna, VA
    2 days ago
  • $102.83k - $150k

     ...31.00 - $150,000.00 Security Clearance: TS/SCI Level...  ...salary ranges: Security Controls Accessor: $85,185 - $135,000...  ...The Security Controls Assessor plays a critical role in evaluating...  ...the organization. The SCA is responsible for: -Reviewing... 
    Suggested
    Full time
    Work experience placement
    Local area
    Worldwide

    Huntington Ingalls Industries

    Springfield, VA
    4 days ago
  •  ...Modern Technology Solutions, Inc. (MTSI) is seeking a Security Control Assessor (SCA) to support an MTSI contract with the Assistant Secretary of the Air Force, Acquisition, Technology and Logistics. The SCA is responsible for conducting a comprehensive assessment... 
    Suggested
    Contract work

    Modern Technology Solutions Inc

    Washington DC
    4 days ago
  • $112.5k

     ...Description Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires significant travel-please review the position overview below for important details. The maximum starting salary for this role is $112,500. A... 
    Daily paid
    Contract work
    Local area
    Immediate start
    Work from home

    Leidos

    Alexandria, VA
    5 days ago
  •  ...Security Control Assessor Seize your opportunity to make a personal impact as a Security Control Assessor supporting customer activities. GDIT...  ...Required Experience: 10+ yrs (Must have 4+ yrs of hands-on SCA experience) Clearance: TS/SCI with Polygraph Required... 

    General Dynamics

    McLean, VA
    2 days ago
  •  ...Security Control Assessor Location: Alexandria, Virginia (Onsite) Role Overview We are seeking a skilled and detail-oriented Security Control Assessor. The successful candidate will be responsible for evaluating, testing, and validating the effectiveness of security... 

    Apex Systems

    Alexandria, VA
    2 days ago
  •  ...Security Control Assessor Security Control Assessor Location: Arlington, VA (On-Site) Citizenship: US only Clearance: Active TS/SCI (DHS EOD Suitability required) Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)... 
    Contract work
    For contractors

    Argo Cyber Systems

    Arlington, VA
    5 days ago
  • $155k - $165k

     ...we’ve described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Security Control Assessor III Responsibilities: Leads comprehensive security assessments for complex or high-impact systems. Oversees control... 
    For contractors

    Electrosoft

    Washington DC
    4 days ago
  •  ...Position Overview The Security Control Assessor must fulfill a variety of cybersecurity functions, to include: System Administrator, Enterprise Oversight, certification and accreditation, SAP and SCI assessment and authorization (A&A), Platform Information Technology... 
    For contractors
    Work experience placement
    Work at office
    Local area
    Worldwide

    G-Force Solutions

    Arlington, VA
    7 hours ago
  • $155.62k - $210.54k

     ...Qualifications: Skills: RMF, Security Content Automation Protocol (SCAP), Security...  ...to make a personal impact as a Security Control Assessor supporting customer activities. GDIT is...  ...: 10+ yrs (Must have 4+ yrs of hands-on SCA experience) Clearance : TS/SCI with... 
    Temporary work
    Immediate start
    Remote work
    Worldwide
    Flexible hours

    General Dynamics Information Technology

    McLean, VA
    2 days ago
  •  ...Cyber Security And Privacy Control Assessment Support This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase... 

    Tetra Tech

    Arlington, VA
    2 days ago
  • $130k - $150k

     ...Senior Security Control Assessor Overview: TSA is currently seeking a Senior Security Control Assessor who will serve as a Functional Lead and provide support to our NAVAIR customer in the DC Metro area. Roles/Responsibilities: Leads cybersecurity... 

    Technology Security Associates

    Arlington, VA
    5 days ago
  • $120k - $135k

     ...Senior Security Control Assessor Cybersecurity Blu Omega is seeking a Senior Security Control Assessor to support a federal program focused on security and privacy control assessments. This role operates within a highly regulated financial environment and is responsible... 
    Permanent employment
    Temporary work

    Blu Omega

    Arlington, VA
    8 hours ago
  •  ...Security Control Assessor (Authorizing Official) Position Summary: As Security Control Assessor (Authorizing Official/AO) you will provide cybersecurity support to the National Geospatial-Intelligence Agency (NGA) in Springfield, VA. You will award authorization... 
    Full time
    Work at office
    Immediate start
    Flexible hours

    Life Cycle Engineering

    Springfield, VA
    7 hours ago
  • $87k - $198k

     ...Security Control Assessor and System Certification Specialist, Senior The Opportunity: Function as a Senior System Certification Specialist...  ...in NIST security guidance and security control assessment (SCA) processes using the NIST Risk Management Framework (RMF). Guide... 
    Full time
    Contract work
    Part time
    Local area
    Remote work

    Booz Allen Hamilton

    Arlington, VA
    more than 2 months ago
  • TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role... 
    Work experience placement

    Tla Llc

    Washington DC
    2 days ago
  • Direct experience in NIST security control assessments Direct experience in System Security Plan (SSP) development Direct experience conducting or supporting NIST-based risk assessments Demonstrated success interfacing directly with system owners and executive management... 

    Business Integra Inc

    Washington DC
    6 days ago
  •  ...Security Assessor TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and... 

    The Logical Answer

    McLean, VA
    2 days ago
  • $130k - $147k

    SkyePoint Decisions is seeking an AWS Assessor in Washington, D.C. This role involves leading security assessments and ensuring cloud security compliance for government contracts. Candidates must have extensive experience in cloud security and meet specific educational... 

    SkyePoint Decisions

    Washington DC
    6 days ago
  •  ...all major technologies. Our solutions and services help build enduring relationships with our clients. Job Description Senior Assessor / Security Assessor Location: Washington, D.C. Duration: 3 years with extension Required Skills: Specialized experience in security... 
    Contract work

    Business Integra Inc

    Washington DC
    6 days ago
  • A leading IT service provider in Washington, D.C. is looking for a Senior Assessor / Security Assessor to conduct security process analysis and provide guidance on privacy and security activities. The ideal candidate will have at least 6 years of experience in consulting... 

    Business Integra Inc

    Washington DC
    6 days ago
  •  ...Third Party Cyber Assessor Denver, Colorado;Washington, District of Columbia; Chicago...  ...responsible for performing information security reviews of third parties that provide services...  ...to determine if information security controls are in place and documenting the... 
    Work at office
    Flexible hours
    Shift work
    Day shift

    Bank of America

    Washington DC
    3 days ago
  •  ...Focuses on solving conflict, not blaming; Maintains confidentiality; Listens to others without interrupting; Keeps emotions under control; Remains open to others' ideas and tries new things. Judgement - Displays willingness to make decisions; Exhibits sound and accurate... 
    Work at office

    Healthcare Legal Solutions LLC

    Washington DC
    4 days ago
  • $94.41k - $144.64k

     ...expand your work experiences and hone your skills as an IT risk professional in the areas of compliance, cybersecurity, and internal controls* You crave the opportunity to be part of a fast growing, entrepreneurial risk consulting practice where your hard work and... 
    Work experience placement
    Local area
    Remote work
    Worldwide

    Baker Tilly International

    Washington DC
    6 days ago
  •  ...Position Summary This job is responsible for performing information security reviews of third parties that provide services to the bank. Key...  ...during an assessment to determine if information security controls are in place and documenting the controls in place in assessment... 
    Shift work
    Day shift

    Bank of America

    Washington DC
    4 days ago
  • $90k - $115k

    Responsibilities Conduct security control assessments for commercial and government customers to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within a system boundary. Develop, document... 
    Temporary work
    Work at office
    Local area
    Work from home

    Vaultes, LLC

    Washington DC
    6 days ago
  • $94.41k - $144.64k

     ...and business objectives. Provide strategic business assurance to clients by assisting in the implementation of new processes and controls that address key risks. Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity... 
    Local area

    Baker Tilly Advisory Group, LP

    Washington DC
    4 days ago
  • $23.16 per hour

     ...and analyzes various complex potential claims with emphasis on controlling losses through effective managed care. This includes following...  ...and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy... 
    For contractors
    Work at office
    Local area

    Highmark Health

    Washington DC
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Security Control Assessor (SCA). Be the first to apply!