Overview
On Site
USD 120,001.00 - 160,000.00 per year
Full Time
Skills
Cyber Security
SCA
Information Systems
System Documentation
Testing
Decision-making
Regulatory Compliance
CNSS
Training
Information Assurance
Security Clearance
Risk Management
Management
Authorization
Risk Management Framework
RMF
System Security
Security Analysis
Security Controls
Analytical Skill
Problem Solving
Conflict Resolution
Nmap
Information Technology
Systems Engineering
FOCUS
Job Details
Job ID: 2509824
Location: SAN DIEGO, CA, US
Date Posted: 2025-09-15
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: TS/SCI
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
Description
A Security Control Assessor (SCA) evaluates the effectiveness of security measures implemented in information systems to protect sensitive data and ensure compliance with regulations as well as conducting a comprehensive assessment of implemented controls with regulations as well as conducting a comprehensive assessment of implemented controls and control enhancements to determine the effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements. They conduct assessments, analyze results, and recommend corrective actions to address vulnerabilities, ultimately contributing to the overall security posture of an organization.
This is an onsite role in San Diego, CA
Conduct Security Assessments: Perform in-depth assessments of management, operational, and technical security controls within information systems. This includes reviewing system documentation, conducting interviews, and performing hands-on testing to evaluate the effectiveness of security measures of implemented system-specific controls and system-implemented parts of hybrid controls are assessed.
Identify Vulnerabilities: Analyze the results of their assessments to identify weaknesses and deficiencies in security controls. They assess the severity of these vulnerabilities and their potential impact on the system and organization.
Recommend Corrective Actions: Based on their findings, develop recommendations for corrective actions to address identified vulnerabilities and improve the overall security posture of the system.
Prepare Reports: When a control assessment is conducted in support of an authorization decision or ongoing authorization. SCAs document their findings and recommendations in formal security assessment reports. These reports must be based on an impartial and unbiased assessment process; determining the credibility of the assessment results; and ensuring that the authorizing official receives objective information to make an informed, risk-based authorization decision. These reports are used to inform decision-making and guide remediation efforts.
Contribute to Risk Management: Play a crucial role in the risk management process by identifying and assessing potential risks associated with vulnerabilities and contributing to the development of mitigation strategies.
Ensure Compliance: Ensure that systems comply with relevant security policies, standards, and regulations (e.g., NIST, CNSS).
Maintain Knowledge: Stay up-to-date on the latest security threats, vulnerabilities, and best practices to effectively perform their duties. Completes training and maintain certifications. Personnel performing any information assurance Workforce System.
Qualifications
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.
U.S. Citizenship and an active TS/SCI clearance.
Risk Management: Ability to assess and manage risks associated with security vulnerabilities.
Assessment and Authorization (A&A) Processes: Experience with the Risk Management Framework (RMF) and related processes, including System Security Plans (SSPs), Security Assessment Plans (SAPs), and Security Assessment Reports (SARs).
Security Controls: In-depth knowledge of security controls and their implementation.
Analytical Skills: Ability to analyze complex information, identify patterns, and draw logical conclusions.
Problem-Solving Skills: Ability to identify and resolve security vulnerabilities and develop effective solutions.
Experience with Security Tools: Familiarity with security tools such as Nmap, ACAS, and STIGViewer.
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Location: SAN DIEGO, CA, US
Date Posted: 2025-09-15
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: TS/SCI
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
Description
A Security Control Assessor (SCA) evaluates the effectiveness of security measures implemented in information systems to protect sensitive data and ensure compliance with regulations as well as conducting a comprehensive assessment of implemented controls with regulations as well as conducting a comprehensive assessment of implemented controls and control enhancements to determine the effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements. They conduct assessments, analyze results, and recommend corrective actions to address vulnerabilities, ultimately contributing to the overall security posture of an organization.
This is an onsite role in San Diego, CA
Conduct Security Assessments: Perform in-depth assessments of management, operational, and technical security controls within information systems. This includes reviewing system documentation, conducting interviews, and performing hands-on testing to evaluate the effectiveness of security measures of implemented system-specific controls and system-implemented parts of hybrid controls are assessed.
Identify Vulnerabilities: Analyze the results of their assessments to identify weaknesses and deficiencies in security controls. They assess the severity of these vulnerabilities and their potential impact on the system and organization.
Recommend Corrective Actions: Based on their findings, develop recommendations for corrective actions to address identified vulnerabilities and improve the overall security posture of the system.
Prepare Reports: When a control assessment is conducted in support of an authorization decision or ongoing authorization. SCAs document their findings and recommendations in formal security assessment reports. These reports must be based on an impartial and unbiased assessment process; determining the credibility of the assessment results; and ensuring that the authorizing official receives objective information to make an informed, risk-based authorization decision. These reports are used to inform decision-making and guide remediation efforts.
Contribute to Risk Management: Play a crucial role in the risk management process by identifying and assessing potential risks associated with vulnerabilities and contributing to the development of mitigation strategies.
Ensure Compliance: Ensure that systems comply with relevant security policies, standards, and regulations (e.g., NIST, CNSS).
Maintain Knowledge: Stay up-to-date on the latest security threats, vulnerabilities, and best practices to effectively perform their duties. Completes training and maintain certifications. Personnel performing any information assurance Workforce System.
Qualifications
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.
U.S. Citizenship and an active TS/SCI clearance.
Risk Management: Ability to assess and manage risks associated with security vulnerabilities.
Assessment and Authorization (A&A) Processes: Experience with the Risk Management Framework (RMF) and related processes, including System Security Plans (SSPs), Security Assessment Plans (SAPs), and Security Assessment Reports (SARs).
Security Controls: In-depth knowledge of security controls and their implementation.
Analytical Skills: Ability to analyze complex information, identify patterns, and draw logical conclusions.
Problem-Solving Skills: Ability to identify and resolve security vulnerabilities and develop effective solutions.
Experience with Security Tools: Familiarity with security tools such as Nmap, ACAS, and STIGViewer.
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.