Security Control Assessor, Senior

Key Role:

Provide Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD Risk Management Framework (RMF) Assessment and Authorization (A&A) process and legacy DoD Information Assurance Certification and Accreditation (DIACAP) for a DoD program. Validate security configurations to ensure they are implemented in accordance with DoD Cybersecurity policies, requirements, and directives, including compliance with Security Technical Implementation Guidance (STIG), Security Requirements Guides (SRGs), and checklists. Leverage automated testing tools and manual test methodologies to identify system vulnerabilities and noncompliance. Support the task lead in organizing and leading the A&A team through the accreditation process. Develop daily and weekly reports for team progress.

Basic Qualifications:

-3+ years of experience with Cybersecurity

-Experience with authoring comprehensive RMF packages independently

-Experience with performing technical security assessments, including vulnerability assessments, security control reviews, and system configuration checks to support RMF

-Experience with performing manual testing methods and procedures

-Secret clearance

-BA or BS degree in a Technology, IT, or Cybersecurity field

-DoD 8140 IAM I or IAT II Certification

Additional Qualifications:

-Experience with planning and executing comprehensive Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and identifying and using required tools, including Retina, Nessus, Assured Compliance Assessment Solution (ACAS), or Security Content Automation Protocol (SCAP)

-Experience in working with federal or DoD government implementation of the NIST RMF for A&A


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Not ready to apply? Join our talent community and sign up for job alerts.