Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Security Control Assessor

Apex Systems Inc

Security Control Assessor

Location: Alexandria, Virginia (Onsite)

Role Overview

We are seeking a skilled and detail-oriented Security Control Assessor. The successful candidate will be responsible for evaluating, testing, and validating the effectiveness of security controls within information systems and networks, with a strong emphasis on applying the Risk Management Framework (RMF). This role requires a strong background in RMF execution, documentation for Assessment and Authorization (A&A), vulnerability analysis, and remediation validation.

Key Responsibilities
  • Provide tailored documentation to support security authorizations.
  • Serve as an independent assessor for Risk Management Framework Steps 0 to 7.
  • Plan and execute security control assessments for various information systems.
  • Develop and maintain assessment procedures and methodologies aligned with NIST guidelines.
  • Analyze and evaluate the effectiveness of implemented security controls, identify vulnerabilities, and prepare detailed Security Assessment Reports (SARs).
  • Perform vulnerability scanning and compliance operations, including analysis of scans and STIG implementations.
  • Create and manage artifacts such as System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
  • Collaborate with system owners and Information System Security Officers (ISSOs) throughout the assessment and authorization process.
  • Assess and validate security controls in cloud-based technology environments.
Required Qualifications

Experience: 5+ years of relevant experience in a Security Control Assessor role.

Education & Certifications:
  • Bachelor's degree or equivalent years of relevant experience.
  • A current DoD 8570 IAT II certification is required (e.g., CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP).

Technical Skills & Knowledge:
  • Hands-on experience with eMASS or similar Information Assurance tools.
  • Proficient understanding of all steps of the RMF process and NIST implementation guidance.
  • Experience with vulnerability analysis, STIG implementation, access controls, and remediation validation.
  • Knowledge of relevant security standards such as NIST SP 800-series (e.g., 800-53, 800-53A, 800-137) and others.
  • Demonstrated documentation and communication skills for interacting with stakeholders and creating authorization artifacts.
  • Experience assessing and validating controls within any cloud-based technology.

Preferred Qualifications:
  • A well-developed understanding of the Systems Development Lifecycle (SDLC).
  • Relevant Cybersecurity and Information Assurance experience with specific hands-on involvement in writing and submitting complete documentation packages for new system authorizations.
Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide.

Everforth Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Everforth Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation under the Americans with Disabilities Act to participate in an interview with a virtual recruiter or to use our website for a search or application, please contact our Benefits Department at [email protected] or View phone number on click.appcast.io. Please note that this contact information is strictly to be used for medical ADA accommodations and that no other inquiries will be answered.

UnitedHealthcare creates and publishes the Transparency in Coverage Machine-Readable Files on behalf of Everforth Apex Systems.
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Security Control Assessor in Alexandria, VA vacancy
  •  ...Security Control Assessor (SCA) LOCATION Tysons, VA 22182 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail-oriented Security Control Assessor (SCA) to join our team and ensure that... 
    Suggested
    Temporary work
    For contractors
    Immediate start
    Flexible hours

    Cymertek

    Falls Church, VA
    6 hours ago
  •  ...Security Control Assessor Security Control Assessor Location: Arlington, VA (On-Site) Citizenship: US only Clearance: Active TS/SCI (DHS EOD Suitability required) Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)... 
    Suggested
    Contract work
    For contractors

    Argo Cyber Systems

    Arlington, VA
    4 days ago
  •  ...Cyber Security And Privacy Control Assessment Support This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase... 
    Suggested

    Tetra Tech

    Arlington, VA
    1 day ago
  • $112.5k

     ...Security Control Assessor Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires significant travel—please review the position overview below for important details. The maximum starting salary for this role is... 
    Suggested
    Daily paid
    Local area
    Remote work
    Work from home

    Leidos

    Alexandria, VA
    4 days ago
  • $130k - $150k

     ...Senior Security Control Assessor Overview: TSA is currently seeking a Senior Security Control Assessor who will serve as a Functional Lead and provide support to our NAVAIR customer in the DC Metro area. Roles/Responsibilities: Leads cybersecurity... 
    Suggested

    Technology Security Associates

    Arlington, VA
    4 days ago
  •  ...Security Control Assessor (SCA) We are seeking a meticulous and detail-oriented Security Control Assessor (SCA) to join our team and ensure that our information systems meet the highest standards of security and compliance. In this role, you will be responsible for... 

    Cymertek

    McLean, VA
    2 days ago
  • $155k - $165k

     ...we’ve described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Security Control Assessor III Responsibilities: Leads comprehensive security assessments for complex or high-impact systems. Oversees control... 
    For contractors

    Electrosoft

    Washington DC
    3 days ago
  • $102.83k - $150k

     ...Exempt Anticipated Salary Range: $102,831.00 - $150,000.00 Security Clearance: TS/SCI Level of Experience: Mid The selected candidate...  ...clearance will be required. What you will do The Security Controls Assessor plays a critical role in evaluating, validating, and... 
    Full time
    Work experience placement
    Local area

    Huntington Ingalls Industries

    Springfield, VA
    21 hours ago
  •  ...Job Description We are seeking a highly skilled Security Control Assessor (SCA) to support independent cybersecurity assessments of systems in accordance with the Risk Management Framework (RMF). This role is responsible for evaluating the implementation and effectiveness... 
    2 days per week

    Centurion Consulting Group, LLC

    Andrews Air Force Base, MD
    5 days ago
  •  ...Security Control Assessor Seize your opportunity to make a personal impact as a Security Control Assessor supporting customer activities. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. At GDIT, people are our... 

    General Dynamics

    McLean, VA
    1 day ago
  • $140k - $210k

     ...Overview VTG is looking for multiple levels (Level 2, 3 & 4) of a Security Control Assessor (SCA) in multiple locations. (Note: position is contingent upon program award and the postions are located in Chantilly VA, Auroro CO, Springfield VA, Las Cruces NM, & LAAFB.)... 
    For contractors
    Work experience placement

    VTG

    Springfield, VA
    5 days ago
  • $102.83k - $150k

     ...Salary Range: $102,831.00 - $150,000.00 Security Clearance: TS/SCI Level of Experience: Mid...  .... Below are the salary ranges: Security Controls Accessor: $85,185 - $135,000 Sr....  ...What you will do The Security Controls Assessor plays a critical role in evaluating, validating... 
    Full time
    Work experience placement
    Local area
    Worldwide

    HII Mission Technologies Division

    Springfield, VA
    6 hours ago
  • $87k - $198k

     ...Security Control Assessor and System Certification Specialist, Senior The Opportunity: Function as a Senior System Certification Specialist or Security Control Assessor as part of a team in the performance of Assessment and Authorization (A&A) activities ensuring... 
    Full time
    Contract work
    Part time
    Local area
    Remote work

    Booz Allen Hamilton

    Arlington, VA
    more than 2 months ago
  • $90k - $103k

    Regional Cyber Security Assessor SkyePoint Decisions is seeking a Regional Cyber Security Assessor to support the Diplomatic Security Cyber...  ...with established operating procedures for data access controls, storage, transmission, and destruction of data prior to and... 
    Remote work
    Overseas

    SkyePoint Decisions, Inc.

    Arlington, VA
    5 days ago
  • $127.5k - $276.2k

    Security Control Assessor III Position Description The Security Control Assessor III is the senior authority for complex security assessments across Treasury systems, providing independent evaluation of NIST SP 800 53 control implementations and authoritative risk... 
    Work at office
    Local area
    Washington DC
    10 days ago
  •  ...TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This... 
    Work experience placement

    TLA Inc

    Washington DC
    4 days ago
  •  ...Security Assessor TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and... 

    The Logical Answer

    McLean, VA
    1 day ago
  •  ...Direct experience in NIST security control assessments Direct experience in System Security Plan (SSP) development Direct experience conducting or supporting NIST-based risk assessments Demonstrated success interfacing directly with system owners and executive management... 

    Business Integra

    Washington DC
    5 days ago
  • $130k - $147k

    SkyePoint Decisions is seeking an AWS Assessor in Washington, D.C. This role involves leading security assessments and ensuring cloud security compliance for government contracts. Candidates must have extensive experience in cloud security and meet specific educational... 

    SkyePoint Decisions

    Washington DC
    5 days ago
  •  ...all major technologies. Our solutions and services help build enduring relationships with our clients. Job Description Senior Assessor / Security Assessor Location: Washington, D.C. Duration: 3 years with extension Required Skills: Specialized experience in security... 
    Contract work

    Business Integra Inc

    Washington DC
    5 days ago
  • A leading IT service provider in Washington, D.C. is looking for a Senior Assessor / Security Assessor to conduct security process analysis and provide guidance on privacy and security activities. The ideal candidate will have at least 6 years of experience in consulting... 

    Business Integra Inc

    Washington DC
    5 days ago
  •  ...Third Party Cyber Assessor Denver, Colorado;Washington, District of Columbia; Chicago...  ...responsible for performing information security reviews of third parties that provide services...  ...to determine if information security controls are in place and documenting the... 
    Work at office
    Flexible hours
    Shift work
    Day shift

    Bank of America

    Washington DC
    2 days ago
  •  ...Focuses on solving conflict, not blaming; Maintains confidentiality; Listens to others without interrupting; Keeps emotions under control; Remains open to others' ideas and tries new things. Judgement - Displays willingness to make decisions; Exhibits sound and accurate... 
    Work at office

    Healthcare Legal Solutions LLC

    Washington DC
    3 days ago
  • $50k - $55k

     ...deadlines are met and to move the file towards prompt and appropriate resolution. Identifies and pursues subrogation opportunities; secures and disposes of salvage. Communicates claim action/processing with insured, client, and agent or broker when appropriate. Maintains... 
    Contract work
    Work at office
    Local area
    Flexible hours

    Sedgwick Law

    Alexandria, VA
    2 days ago
  • $120k - $150k

    You are here: Home / Careers / Senior Assessor (CMMC) | US Based Apply Now Salary: $120,...  ...efficient and cost-effective information security and compliance programs for both on-...  ...strong experience reviewing and testing controls, documenting audit artifacts and reports... 
    Remote work
    Work from home
    Flexible hours

    ControlCase, LLC

    Fairfax, VA
    1 day ago
  • $94.41k - $144.64k

     ...expand your work experiences and hone your skills as an IT risk professional in the areas of compliance, cybersecurity, and internal controls* You crave the opportunity to be part of a fast growing, entrepreneurial risk consulting practice where your hard work and... 
    Work experience placement
    Local area
    Remote work
    Worldwide

    Baker Tilly International

    Washington DC
    5 days ago
  • ASRC Federal Holding Company is looking for a Vulnerability Assessor in Alexandria, VA. This role involves conducting vulnerability assessments and enhancing the organization’s cybersecurity posture. The ideal candidate will have a Bachelor’s degree in a related field... 

    ASRC Federal Holding Company

    Alexandria, VA
    3 days ago
  •  ...Position Summary This job is responsible for performing information security reviews of third parties that provide services to the bank. Key...  ...during an assessment to determine if information security controls are in place and documenting the controls in place in assessment... 
    Shift work
    Day shift

    Bank of America

    Washington DC
    3 days ago
  • $94.41k - $144.64k

     ...and business objectives. Provide strategic business assurance to clients by assisting in the implementation of new processes and controls that address key risks. Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity... 
    Local area

    Baker Tilly Advisory Group, LP

    Washington DC
    3 days ago
  • $90k - $115k

    Responsibilities Conduct security control assessments for commercial and government customers to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within a system boundary. Develop, document... 
    Temporary work
    Work at office
    Local area
    Work from home

    Vaultes, LLC

    Washington DC
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Security Control Assessor. Be the first to apply!