Information Security Assessor (RMF/NIST)

Information Security Assessor Location: Austin, Texas (ONSITE 5 days/week)
Contract Position: 18 month Contract (with strong potential for extension and career advancement)

We are seeking a hands-on, Information Security Assessor (RMF/NIST) to support the System Risk Management team in safeguarding mission-critical state systems. This role emphasizes deep expertise in conducting security assessments, writing control findings, developing System Security Plans (SSPs), and translating technical security requirements for diverse audiences. Candidates must have substantial experience with NIST frameworks and be capable of both performing and quality-assuring the work of other assessors on high-visibility, complex projects.

This is not a management or strategic oversight role. We are looking for a technically proficient, detail-oriented assessor who can lead by example and provide critical insight throughout the security assessment lifecycle.

If you re a skilled assessor who thrives in a hands-on technical role and enjoys solving real security problems, we d love to hear from you. Apply now to join a team where your technical depth and attention to detail make a real long-term impact!

Minimum Qualifications:

• 7+ years of hands-on experience performing security assessments using:
  • NIST RMF, NIST Cybersecurity Framework
  • PCI-DSS
  • Texas Information Security Standards
• Experience developing SSPs, POA&Ms, and writing control findings
• Proven ability to communicate complex security topics to technical and non-technical audiences
• Experience with QA assessment work and supporting complex, high-visibility security projects
• Must hold a baseline certification meeting DoD 8570 IAT Level III (e.g., CISSP, CISM, CASP+)
• Must be practical, detail-focused, and assessment-driven
• Strong writer and communicator
• Able to work independently with minimal direction
• Collaborative, yet confident in providing expert-level guidance
• Capable of handling ambiguity and working in high-stakes environments

Responsibilities:

• Conduct detailed security control assessments aligned with NIST Risk Management Framework (RMF) and Texas-specific standards.
• Develop and write comprehensive control findings, SSPs, POA&Ms, and related documentation.
• Clearly explain technical controls and assessment outcomes to non-security stakeholders.
• Provide QA review and oversight of assessments performed by other team members.
• Collaborate with agency staff and vendors to coordinate the implementation of system security plans.
• Advise on security configurations and system procedures to prevent, detect, and mitigate risks.
• Participate in disaster recovery and business continuity planning.
• Conduct reviews of application and infrastructure environments, including physical data center security.
• Research and recommend improvements to security policies and operational procedures.
• Perform other security-related duties as assigned.

Genius Road, LLC is proud to be a Certified Women s Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.