2

Internship Remote Security Control Assessor Jobs

NIH - ISSM

Bethesda, MD ยท On-site +1

This position is fully remote. This position requires a Public Trust or the ability to obtain a ... Coordinate with Security Control Assessors (SCAs), Authorizing Officials (AOs), System Owners ...

Security Architect - Consultant 9309

Miami, FL ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

Harrisburg, PA ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

This position is anticipated to be majority remote, but with the ability to travel and visit the ... Support security control assessments and coordinate responses to findings * Align controls with ...

This position is anticipated to be majority remote, but with the ability to travel and visit the ... Support security control assessments and coordinate responses to findings * Align controls with ...

Security Architect - Consultant 9309

East Rutherford, NJ ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

Washington, DC ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

New York, NY ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

Philadelphia, PA ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

Tallahassee, FL ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

Austin, TX ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

Security Architect - Consultant 9309

Columbus, OH ยท Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... control, logging and reporting systems 5+ years of experience and expertise in automation ...

next page

Showing results 1-20

Internship Remote Security Control Assessor information

See salary details

$8

$58

$78

How much do internship remote security control assessor jobs pay per hour?

As of Jul 16, 2026, the average hourly pay for internship remote security control assessor in the United States is $58.77, according to ZipRecruiter salary data. Most workers in this role earn between $50.48 and $68.03 per hour, depending on experience, location, and employer.
More about Internship Remote Security Control Assessor jobs
What cities are hiring for Internship Remote Security Control Assessor jobs? Cities with the most Internship Remote Security Control Assessor job openings:
What are the most commonly searched types of Remote Security Control Assessor jobs? The most popular types of Remote Security Control Assessor jobs are:
What states have the most Internship Remote Security Control Assessor jobs? States with the most job openings for Internship Remote Security Control Assessor jobs include:

Information System Security Officer

Hiring Our Heroes

Arlington, VA โ€ข Remote

Full-time

Re-posted just now


Job description

Information System Security Officer

MILITARY FRIENDLY & PREFERRED - HOH SPONSOR

The Information Systems Security Officer (ISSO) is responsible for supporting the full lifecycle of security assessment and authorization (A&A) activities for information systems. The ISSO ensures that assigned systems comply with federal cybersecurity standards and maintain their Authority to Operate (ATO) through continuous monitoring and documentation.

The ISSO will be responsible for developing and providing risk assessments, Security Control Assessments (SCA), A&A documentation and various reports, based on NIST guidelines and client's policies, procedures and request. The ISSO will be responsible for providing security recommendations on any system changes or new technologies, analysis on vulnerability scans, conducting continuous monitoring activities, and provide mitigation recommendations for any risks or threats.

RESPONSIBILITIES:

  • Lead and conduct Pre-Security Assessment and Authorization (A&A) activities, including stakeholder identification, change request submissions, appointment memorandums, and IT Security Kickoff meetings.
  • Supports the ISBO in day-to-day IT security activities.
  • Assists the ISBO with reviews of the security posture of the system and report any findings to the ISBO, CISO, and the AO.
  • Conduct Information System Categorization by identifying information types, completing FIPS-199 assessments, and facilitating Business Impact Analyses (BIA), Privacy Threshold Analyses (PTA), and Privacy Impact Assessments (PIA).
  • Develop and maintain system security documentation, including:
    • System Administration Plan (SAM)
    • Configuration Management Plan (CMP)
    • IT Contingency Plan (ITCP)
    • Information Security Continuous Monitoring (ISCM) Plan
    • Incident Response Plan (IRP)
    • Security Assessment Report (SAR)
    • System Security Plan (SSP)
  • Coordinate initial and annual ITCP testing in collaboration with the OCIO Business Continuity and Disaster Recovery (BCDR) Office.
  • Develop and manage inter-agency agreements and documentation such as MOUs, MOAs, ISAs, IT Security Waivers, and Risk Acceptance Memorandums.
  • Document and maintain Security Control Implementation details, ensuring updates are made according to required frequency.
  • Coordinate vulnerability and compliance scans, Security Control Assessments (SCA), and track remediation efforts with the IT Security Test Team.
  • Manage and update Plan of Action and Milestones (POA&M) entries, submitting remediated findings for closure.
  • Prepare and present SAR to Authorizing Officials to obtain or renew ATO.
  • Perform Information Security Continuous Monitoring (ISCM) activities to ensure ongoing compliance and security posture of systems.
  • Develop and update project schedule, including A&A / SCA task and milestones, task dependencies, and personnel resources.
  • Conduct A&A activities and tasks and obtain ATO in line with NIST and client guidance and directives.
  • Determining the baseline IT Security requirements for IT Systems, identifying system boundaries, determining information categories, assisting with FIPS-199.
  • Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices.
  • Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility.
  • Ensure users and system support personnel have the required authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the IT System.
  • Implement security controls based on IT System FIPS categorization.
  • Document security control implementation in the system's Security Plan using the client's GRC tool.
  • Document system's risk assessment per client directives and requirements.
  • Review and monitoring system security and audit logs.
  • Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems.
  • Update A&A documentation and artifacts on a regular basis (e.g. annually, after approved change).

QUALIFICATIONS:

  • A minimum of five (5) years of demonstrated experience in the Information Security or IT field.
  • Demonstrates a proficiency with developing, maintaining and managing SA&A packages.
  • Experience with developing and managing POA&M's.
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment.
  • Strong understanding of federal cybersecurity frameworks (e.g., NIST RMF, FIPS-199, FISMA).
  • Experience in developing and maintaining security documentation and plans.
  • Possess experience conducting CPT's.
  • Experience conducting audit log reviews.
  • Technical experience with conducting vulnerability management, compliance scanning, and providing mitigation techniques.
  • Excellent communication and coordination skills with technical and non-technical stakeholders.
  • Ability to manage multiple systems and projects simultaneously in a dynamic environment.
  • Excellent communication (written and verbal) skills.

CERTIFICATION:

  • A minimum of at least one (1) certification that meet DOD 8570 IAT Level II (e.g., Security+, GSEC, CASP) requirements or any equivalent or more advanced.

CLEARANCE:

  • Client Suitability and Public Trust

LOCATION and HOURS:

  • Location: Primary location is at Zermount HQ (Arlington, VA) and the Client Site (Washington, D.C.). Remote work is authorized.
    • Onsite work at the primary location., may be occasionally required.
  • Hours of Operation (Business Hours): 8:00 am ET - 5:30 pm ET