Security Control Assessor
Location: Washington, DC (5 days a week on-site)
Contract
About Our Client
Our client is a prominent federal agency dedicated to upholding the rule of law and protecting the interests of the United States. With a long-standing history of public service, this organization operates across the nation and plays a critical role in ensuring justice and security for all citizens. The agency maintains a strong commitment to integrity, independence, and excellence in all its operations. This position offers the opportunity to contribute to vital cybersecurity efforts that protect sensitive government systems and information.
Job Description
As a Security Control Assessor, you will play a critical role in safeguarding federal systems and information by performing comprehensive security control assessments using the NIST Risk Management Framework (RMF). Working on-site in Washington, DC, you'll collaborate directly with Information System Security Officers (ISSOs) and various stakeholders to ensure systems meet stringent federal security standards.
Your day-to-day responsibilities will involve leveraging the Joint Cybersecurity Authorization Management (JCAM) system to conduct assessments, review security documentation, and provide actionable recommendations for mitigating security risks. This role offers the opportunity to work independently while being part of a collaborative team focused on continuous monitoring and improvement of security postures. You'll have a direct impact on the security and integrity of critical government systems, ensuring they remain compliant with federal requirements and protected against evolving threats.
The ideal candidate is passionate about cybersecurity, enjoys solving complex security challenges, and thrives in an environment that requires both analytical thinking and effective communication with diverse teams.
Duties and Responsibilities
- Perform security control assessments using the NIST Risk Management Framework (RMF) for federal systems
- Leverage the Joint Cybersecurity Authorization Management (JCAM) system to conduct assessments, manage security controls, and provide recommendations
- Collaborate with Information System Security Officers (ISSOs) and other teams to obtain required information and support system security assessments
- Develop and maintain Plans of Action and Milestones (POAMs) and provide recommendations for mitigating security risks
- Review and assess system security documentation, including System Security Plans (SSPs), security assessments, and continuous monitoring activities
- Conduct vulnerability management activities, including assessing remediation efforts and verifying controls
- Provide recommendations on account management, configuration management, incident response, cloud computing environments, and contingency planning
- Maintain and update knowledge of federal security requirements and industry standards
- Work independently and manage tasks effectively while maintaining flexibility to adapt to changes in tasking
Required Experience/Skills
- Bachelor's degree with 8+ years of relevant experience (additional experience may be considered in lieu of a degree)
- Minimum of 3 to 5 years performing security control assessments using the NIST Risk Management Framework (RMF)
- In-depth knowledge of NIST publications: SP 800-53A Rev. 5, SP 800-53 Rev. 5, SP 800-37 Rev. 2, SP 800-137, SP 800-18 Rev. 1, FIPS 200, and FIPS 199
- Experience with the Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM) for assessment and management of security controls
- Strong knowledge in account management, configuration management, vulnerability management, identity credentials and authorization management, contingency planning, audit and accountability, incident response, media protection, and cloud computing environments
- Experience with POAM creation and management
- Active Public Trust clearance or ability to obtain one
- Strong analytical skills with the ability to assess complex security issues and propose solutions
- Ability to work independently with little to no supervision
- Excellent collaboration skills and team-oriented mindset
- Adaptable and flexible to changes in priorities or tasking
- Strong communication skills with the ability to interact effectively with multiple teams
- Ability to travel up to 25% for site assessments, meetings, and other required duties
Nice-to-Haves
- Experience with federal law enforcement agencies
- Relevant cybersecurity certifications (CISSP, Security+, CAP, CISA, CISM)
- Previous experience working in the D.C. area with federal agencies
- Familiarity with eMASS or similar authorization management systems
Education
- Bachelor's degree required (additional experience may be considered in lieu of a degree)
Pay & Benefits Summary
Pay up to $89/hr W2
Ready to make an impact on federal cybersecurity? Apply today to join a team dedicated to protecting critical government systems and information!