1

Security Assessor Jobs (NOW HIRING)

TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection ...

TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection ...

Description Associate Qualified Security Assessor Location: US Remote About VikingCloud VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a ...

Description Position at VikingCloud Associate Qualified Security Assessor Location: US Remote About VikingCloud VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company ...

Security Control Assessor (SCA) LOCATION Aurora, CO 80014 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail ...

Security Control Assessor (SCA) LOCATION San Antonio, TX 78208 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail ...

Security Control Assessor (SCA) LOCATION Chantilly, VA 20151 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail ...

Security Control Assessor (SCA) LOCATION Reston, VA 20190 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail ...

Security Control Assessor (SCA) LOCATION Honolulu, HI 96815 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail ...

Security Control Assessor (SCA) LOCATION Tysons, VA 22182 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a meticulous and detail ...

next page

Showing results 1-20

Security Assessor information

See salary details

$8

$58

$78

How much do security assessor jobs pay per hour?

As of Jul 16, 2026, the average hourly pay for security assessor in the United States is $58.77, according to ZipRecruiter salary data. Most workers in this role earn between $50.48 and $68.03 per hour, depending on experience, location, and employer.

What does a security assessor do?

A security assessor evaluates an organization's security measures, policies, and systems to identify vulnerabilities and ensure compliance with security standards. They conduct risk assessments, review security controls, and may use tools like vulnerability scanners, often requiring certifications such as CISSP or CISA. Their work helps organizations protect sensitive information and maintain security posture.

How to become a security control assessor?

To become a security control assessor, individuals typically need a background in cybersecurity, information technology, or related fields, along with experience in security frameworks such as NIST or ISO. Earning relevant certifications like Certified Authorization Professional (CAP) or Certified Information Systems Security Professional (CISSP) can enhance qualifications. Assessors often undergo specialized training and may need to obtain government or industry-specific clearance depending on the environment they work in.

Is SOC analyst a high paying job?

SOC analysts typically earn competitive salaries that vary by experience, location, and employer. Entry-level positions may start lower, but with certifications like CompTIA Security+ or CISSP, salaries can increase significantly, especially for those with specialized skills in threat detection and incident response.

What are the key skills and qualifications needed to thrive as a Security Assessor, and why are they important?

To thrive as a Security Assessor, you need a thorough understanding of information security principles, risk assessment methodologies, and compliance frameworks, often supported by a degree in cybersecurity or related fields. Familiarity with tools such as vulnerability scanners, compliance management systems, and certifications like CISSP, CISA, or PCI QSA is typically required. Strong analytical thinking, attention to detail, and clear communication are vital soft skills for accurately identifying risks and conveying findings to stakeholders. These skills ensure that organizations remain compliant, secure, and resilient against evolving cyber threats.

What are some common challenges Security Assessors face when conducting security audits, and how can they overcome them?

Security Assessors often encounter challenges such as incomplete documentation, resistance from stakeholders, and rapidly changing technology environments. To overcome these, assessors should develop strong communication skills to build trust, encourage transparency, and ensure all relevant parties understand the importance of compliance. Staying current with industry standards and maintaining flexibility in their assessment approach also helps them adapt to new threats and technologies, ensuring thorough and effective audits.

What are Security Assessors?

Security Assessors are professionals who evaluate the security measures, policies, and practices of an organization to identify vulnerabilities and ensure compliance with security standards and regulations. They conduct assessments such as penetration testing, risk analysis, and audits to help organizations safeguard their information systems against threats. Security Assessors often work with frameworks like PCI DSS, ISO 27001, and NIST to ensure best practices are followed. Their work is crucial for maintaining the confidentiality, integrity, and availability of sensitive data.

What is the difference between Security Assessor vs Security Analyst?

AspectSecurity AssessorSecurity Analyst
CertificationsISO 27001 Lead Auditor, CISSP, CISACISSP, Security+
Work EnvironmentAudit, compliance, risk assessmentMonitoring, incident response, threat analysis
Employer & IndustryConsulting firms, large organizations, governmentIT departments, security firms, corporations

Security Assessors primarily focus on evaluating security controls, conducting audits, and ensuring compliance with standards like ISO 27001. Security Analysts monitor security systems, analyze threats, and respond to incidents. While both roles require cybersecurity knowledge and certifications, Assessors emphasize compliance and auditing, whereas Analysts focus on threat detection and response.

Which security certificate pays the most?

For security assessors, the Certified Information Systems Security Professional (CISSP) is among the highest-paying certifications, often leading to higher salaries due to its advanced knowledge requirements. Other valuable certifications include Certified Information Security Manager (CISM) and Certified Ethical Hacker (CEH), which can also enhance earning potential in security roles. Salary varies based on experience, location, and employer, but these certifications are generally associated with higher compensation in cybersecurity and security assessment positions.
More about Security Assessor jobs
What cities are hiring for Security Assessor jobs? Cities with the most Security Assessor job openings:
What states have the most Security Assessor jobs? States with the most job openings for Security Assessor jobs include:
What job categories do people searching Security Assessor jobs look for? The top searched job categories for Security Assessor jobs are:

Security Assessor

TLA-LLC

Mclean, VA • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

Re-posted 29 days ago


Job description

TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information systems and software applications to ensure the protection of data and compliance with industry standards and regulations. This role involves conducting comprehensive assessments, identifying vulnerabilities and security risks, and working with IT and development teams to recommend and validate remediation strategies. The ideal candidate possesses a deep understanding of cybersecurity principles, risk management frameworks, and the ability to communicate complex information clearly to technical and non-technical stakeholders.
Key Responsibilities
• Conduct Security Assessments: Perform in-depth evaluations and testing of management, operational, and technical security controls across various systems, networks, and software applications.
• Identify Vulnerabilities and Risks: Utilize assessment tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document findings, and assess the severity of risk.
• Documentation and Reporting: Prepare detailed documentation, including Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&Ms), for identified weaknesses and deficiencies.
• Ensure Compliance: Verify and validate that systems and processes meet established security requirements and industry-specific regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, HIPAA, FedRAMP).
• Remediation and Collaboration: Collaborate with system owners, IT teams, and developers to recommend corrective actions, provide guidance on secure practices, and ensure the proper implementation of mitigation strategies.
• Continuous Monitoring: Support the development and implementation of a continuous monitoring strategy and assess proposed changes to information systems that could affect their security posture.
Stay Current: Monitor and analyze security trends, threats, and new technologies to stay updated on emerging risks and mitigation techniques.
Requirements
• Education: A Bachelor's degree in Computer Science, Information Security, Information Systems, or a related field, or equivalent work experience.
• Experience: A minimum of 3-5 years of experience in cybersecurity, risk management, or security assessment/auditing roles.
• Technical Knowledge: Strong knowledge of cybersecurity principles, network protocols, operating systems, and web application security.
• Frameworks and Guidelines: In-depth understanding and practical experience with security frameworks and guidelines such as the NIST 800-series (e.g., RMF, NIST 800-53/53A, FIPS), ISO 27001, or similar.
• Assessment Tools: Proficiency in using security assessment and vulnerability scanning tools (e.g., Nessus, Burp Suite, OWASP ZAP).
• Analytical Skills: Excellent problem-solving, analytical, and critical thinking skills with strong attention to detail.
• Communication: Strong written and verbal communication skills to prepare reports, present findings, and advise diverse stakeholders effectively.
Preferred Certifications
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Authorization Professional (CAP)
• Certified Information Systems Auditor (CISA)
• Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) (if applicable to the specific role's focus on penetration testing)
Qualified Security Assessor (QSA) (for roles specifically focused on PCI DSS compliance).
Benefits
At TLA, we build solutions that matter-supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission-focused outcomes for our customers.
We offer a competitive and comprehensive benefits package including:
  • Competitive salary and performance bonuses
  • Medical, dental, and vision coverage
  • Paid time off and federal holidays
  • 401(k) with company match
  • Education and certification reimbursement
  • Training and professional development opportunities
  • Employee referral bonuses and team events

TLA is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.