2

Remote Security Control Assessor Jobs in Reston, VA

Remote / Alexandria, VA Clearance: Preferred US Gov Secret or above clearance (not a hard ... Security Control Assessors for ATO package development. * Serve as an internal primary subject ...

Senior Director - Cyber Security & Innovation

VA · On-site +1

$111K - $150K/yr

... 53 control implementation, security control assessments (SCA), system authorization (ATO ... Remote EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants ...

Role: Access Management Lead Location: (Local to Reston, VA preferred but will accept remote ... control policies, ensure compliance with security requirements, and coordinate with cross ...

Remote for Non-local within DMV (but 4 days on-site for candidates local to Reston, VA) Duration ... strong security control. * Experience in integration between Concur Expense and other apps (e.g ...

next page

Showing results 1-20

Remote Security Control Assessor information

See Reston, VA salary details

$9

$61

$81

How much do remote security control assessor jobs pay per hour?

As of Jul 12, 2026, the average hourly pay for remote security control assessor in Reston, VA is $61.14, according to ZipRecruiter salary data. Most workers in this role earn between $52.50 and $70.77 per hour, depending on experience, location, and employer.

What is a Remote Security Control Assessor job?

A Remote Security Control Assessor evaluates and ensures that an organization's security controls comply with industry standards and regulations. They perform risk assessments, analyze security policies, and recommend improvements to enhance cybersecurity. Working remotely, they assess systems, review documentation, and collaborate with internal teams and stakeholders. Their goal is to identify vulnerabilities and ensure that security frameworks align with compliance requirements such as NIST, ISO 27001, or FedRAMP.

What are the key skills and qualifications needed to thrive in the Remote Security Control Assessor position, and why are they important?

To thrive as a Remote Security Control Assessor, you need expertise in information security frameworks, risk assessment methodologies, and IT auditing, typically supported by a bachelor's degree in cybersecurity or a related field. Familiarity with assessment tools (like Nessus or NIST compliance checklists), experience with GRC (governance, risk, compliance) platforms, and relevant certifications such as CISSP or CISA are highly valued. Excellent analytical skills, attention to detail, and strong written and verbal communication abilities help remote assessors excel, especially when working independently or with cross-functional teams. These skills are critical for accurately evaluating security controls, ensuring regulatory compliance, and communicating findings effectively in a remote work environment.

What are some typical responsibilities of a Remote Security Control Assessor on a day-to-day basis?

A Remote Security Control Assessor typically reviews security policies, analyzes technical controls, and conducts risk assessments to ensure compliance with industry standards and client requirements. Daily tasks often include evaluating documentation, coordinating virtual meetings with stakeholders, preparing assessment reports, and recommending remediation actions for identified vulnerabilities. You’ll collaborate with IT teams, compliance officers, and management to gather evidence and share assessment findings. Strong organizational and communication skills are essential, as much of the work is self-directed and relies on effective remote coordination with clients and internal teams.

What are popular job titles related to Remote Security Control Assessor jobs in Reston, VA? For Remote Security Control Assessor jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Remote Security Control Assessor jobs in Reston, VA look for? The top searched job categories for Remote Security Control Assessor jobs in Reston, VA are:
What cities near Reston, VA are hiring for Remote Security Control Assessor jobs? Cities near Reston, VA with the most Remote Security Control Assessor job openings:
Infographic showing various Remote Security Control Assessor job openings in Reston, VA as of July 2026, with employment types broken down into 67% Full Time, and 33% Part Time. Highlights an 100% Remote job distribution, with an average salary of $127,169 per year, or $61.1 per hour.

DevSecOps Engineer

GeoDelphi

Alexandria, VA • Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 7 days ago


Job description

Position: DevSecOps Engineer

Location: Remote / Alexandria, VA

Clearance: Preferred US Gov Secret or above clearance (not a hard requirement)

Whitespace is dedicated to delivering innovative technological solutions that meet the highest standards of security and compliance. We are seeking a highly experienced Senior DevSecOps Engineer to join our team and play a key role in strengthening our cybersecurity posture and supporting federal compliance requirements.

We are seeking a DevSecOps Engineer with deep expertise in DoD DevSecOps Reference Architecture, secure CI/CD implementation, and Defense cloud environments (AWS GovCloud, Azure Government, DoD Cloud or Air gapped environments). The ideal candidate combines hands-on engineering capability with a strong understanding of DoD cybersecurity requirements, RMF compliance, and infrastructure automation.

The Senior DevSecOps Engineer will lead efforts to integrate security practices into our development and operations processes, with a primary focus on assisting the company in obtaining and maintaining a DoD/DoW Authorization to Operate (ATO). If you're passionate about making a difference in the world and being part of groundbreaking technology in national security, this position is for you!

This position is 100% remote! We're looking for a candidate who is a U.S. citizen and resides in the contiguous United States. You'll be a W-2 employee of GeoDelphi, Inc., and we do not accept third-party applications. This role requires less than 20% travel.

Requirements

1. Secure CI/CD and Cloud Infrastructure

  • Design, implement, and maintain secure CI/CD pipelines aligned with DoD Enterprise DevSecOps Reference Design (DSOP).
  • Automate deployment of secure environments using Terraform, Ansible, or CloudFormation for DoD or FedRAMP-compliant systems.
  • Integrate static code analysis (SAST), dynamic testing (DAST), container scanning and various security toolsets within pipelines to enforce continuous compliance.

2. Security Baselines & Compliance Integration

  • Implement and manage DoD STIGs, DISA baselines, and RMF controls in Infrastructure as Code (IaC).
  • Translate DoD security controls into automated enforcement and validation within development pipelines.
  • Develop scripts and tools for compliance validation (e.g., OpenSCAP, Chef InSpec, PowerSTIG).
  • Help co-develop & maintain technical documentation for RMF authorization and continuous monitoring processes.

3. Automation & Toolchain Management

  • Implement and manage DevSecOps tools such as GitLab, Jenkins, ArgoCD, Harbor, Nexus, SonarQube, Anchore, etc.
  • Automate container security and orchestrate deployments using Kubernetes (Big Bang, Iron Bank images or similar.
  • Manage secret storage, credential rotation, and logging using Vault, DoD-approved KMS, or AWS Secrets Manager.

4. Collaboration and Governance

  • Work closely with security, development, and operations teams to ensure alignment with DoD RMF, NIST SP 800-53, and/or FedRAMP.
  • Collaborate with Information System Security Officers (ISSOs), Information Systems Security Managers (ISSMs) and Security Control Assessors for ATO package development.
  • Serve as an internal primary subject matter expert in federal compliance standards and cybersecurity practices.

EXPERIENCE

  • Bachelor's degree in Computer Science or related field (or equivalent experience).
  • 7+ years of hands-on experience with DevSecOps in AI/ML or data-intensive systems.
  • Familiarity with OpenShift or Kubernetes security hardening.
  • Knowledge of Zero Trust Architecture (ZTA) concepts.
  • Proven experience managing and driving successful ATO processes.
  • Expertise with DevSecOps tools, practices, and frameworks.
  • Strong understanding of federal security compliance standards (e.g., NIST 800-53, RMF, FedRAMP).
  • Hands-on experience with cloud environments (AWS, Azure, or GCP) and containerization (Docker, Kubernetes).
  • Strong scripting and automation skills (Python, Bash, or similar).
  • Excellent leadership, communication, and documentation abilities.
  • Active security clearance or eligibility to obtain one.

DESIRED SKILLS

  • Previous experience directly supporting government contracting or federal agencies.
  • Relevant certifications such as: Certified Kubernetes Administrator (CKA), AWS Certified Security or DevOps Engineer, HashiCorp Certified Terraform Associate

Benefits

GEODELPHI BENEFITS

  • Medical, Dental, and Vision plans
  • Unlimited PTO Federal Holiday Paid Leave
  • 12 weeks of paid Parental Leave
  • Employer paid STD/LTD
  • Employer Paid Life Insurance
  • 401K plan and Employer Match Professional Development Assistance
  • Equity Incentive Plan

Who we are: GeoDelphi, Inc. dba Whitespace is building AI solutions for global leaders. Recognized as the most innovative company in the Geospatial Industry, Whitespace exponentially accelerates speed-to-answer with powerful analytics, high-cadence data feeds, and human expert-machine teaming. Our answers are rooted in truth data about human activity, delivering reliable decision advantage that keeps pace with world events. Whitespace is headquartered in Alexandria, Virginia. For further information, visit: http://www.inthewhitespace.com.

GeoDelphi, Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, pregnancy, gender identity, national origin, disability, or Veteran status.