Security Control Assessor Jobs (NOW HIRING)

We are seeking a highly skilled Security Control Assessor (SCA) to support independent cybersecurity assessments of systems in accordance with the Risk Management Framework (RMF). This role is ...

Security Control Assessor III Responsibilities: * Leads comprehensive security assessments for complex or high-impact systems. * Oversees control testing strategies, validates remediation ...

Security Control Assessor

Washington, DC · On-site

$60K - $180K/yr

M9 Solutions is seeking a Security Control Assessor to work onsite in support of a government contract for a client located in Washington, DC. An active Secret clearance is required.

FEDITC is seeking a Security Control Assessor to support an effort to develop, implement, manage, and maintain a Risk Management Framework Cybersecurity Program at Peterson Space Force Base, Colorado.

SME Security Control Assessor

Arlington, VA · On-site +1

$45 - $50/hr

We are looking for a SME Security Control Assessor that supports security control assessment activities for HHS-ACF information systems by applying NIST security controls and frameworks to evaluate ...

Security Control Assessor

Washington, DC · On-site

$155K - $165K/yr

Security Control Assessor III Responsibilities: * Leads comprehensive security assessments for complex or high-impact systems. * Oversees control testing strategies, validates remediation ...

Security Control Assessor information

How much do security control assessor jobs pay per hour?

As of Jun 21, 2026, the average hourly pay for a security control assessor in the United States is $58.77, according to ZipRecruiter salary data. Most workers in this role earn between $50.48 and $68.03 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Security Control Assessor, and why are they important?

To thrive as a Security Control Assessor, you need expertise in information security principles, risk management frameworks like NIST RMF, and a relevant bachelor's degree or equivalent work experience. Familiarity with security assessment tools, compliance management systems, and certifications such as CISSP, CISA, or CAP is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial for evaluating security controls and reporting findings clearly. These skills ensure accurate risk assessments, regulatory compliance, and robust protection of organizational information assets.

What is the difference between a Security Control Assessor and a Security Analyst?

| Aspect | Security Control Assessor | Security Analyst |
| --- | --- | --- |
| Certifications | Risk Management Framework (RMF), CISSP, CISA | CISSP, Security+ |
| Work Environment | Federal agencies, DoD, government compliance | Corporate, cybersecurity teams, IT departments |
| Responsibilities | Assess security controls, ensure compliance, audit | Monitor security, analyze threats, implement security measures |

The Security Control Assessor primarily evaluates security controls for compliance and risk management, often within government agencies. In contrast, the Security Analyst focuses on monitoring and analyzing security threats to protect organizational assets. While both roles require cybersecurity knowledge and certifications like CISSP, their focus areas and work environments differ significantly.

What are the main challenges Security Control Assessors face when evaluating complex information systems?

Security Control Assessors often encounter challenges such as rapidly evolving security threats, integrating new technologies, and ensuring compliance with multiple frameworks (like NIST, FISMA, or RMF). Assessing large, interconnected systems requires attention to detail and strong analytical skills to identify vulnerabilities and recommend effective controls. Collaboration with system owners, IT staff, and auditors is essential to obtain comprehensive documentation and clarify system boundaries, which can be a demanding part of the assessment process.

What are Security Control Assessors?

Security Control Assessors (SCAs) are professionals responsible for evaluating the security controls of information systems to ensure they meet required standards and regulations. They conduct assessments, document findings, and provide recommendations to help organizations manage risk and achieve compliance with frameworks such as NIST or FISMA. SCAs play a critical role in maintaining the security and integrity of sensitive data by identifying vulnerabilities and verifying that corrective actions are implemented effectively.
Infographic showing various Security Control Assessor job openings in the United States as of June 2026, with employment types broken down into 75% Full Time and 25% Contract. Highlights a 50% In-person and 50% Remote job distribution, with an average salary of $122,236 per year, or $58.8 per hour.
Security Control Assessor

Other

Posted 14 days ago


Job description

We are seeking a highly skilled Security Control Assessor (SCA) to support independent cybersecurity assessments of systems in accordance with the Risk Management Framework (RMF). This role is responsible for evaluating the implementation and effectiveness of security controls, assessing residual risk, and providing actionable recommendations to support authorization decisions. The ideal candidate brings deep DoD cybersecurity experience, strong analytical judgment, and the ability to communicate technical risk clearly to both cybersecurity and senior mission stakeholders.

This is a high-visibility role supporting mission-critical systems in a dynamic national security environment.

Key Responsibilities

* Perform independent security control assessments of information systems in support of RMF authorization and continuous monitoring activities
* Evaluate the implementation, effectiveness, and compliance of security controls in accordance with NIST SP 800-53 and DoD cybersecurity requirements
* Review technical artifacts, system documentation, test results, and evidence to determine control inheritance, applicability, and residual risk
* Document assessment findings, vulnerabilities, recommendations, and risk impacts in clear and concise language
* Develop Security Assessment Reports (SARs), risk summaries, and briefing materials for Authorizing Officials and senior stakeholders
* Coordinate with system owners, ISSMs, engineers, and cybersecurity teams to validate findings and support remediation planning
* Assess cloud, hybrid, enclave, and enterprise architectures for cybersecurity compliance and security posture
* Support high-priority authorization decisions while ensuring alignment with mission execution and operational requirements

Required Qualifications

* 7+ years of experience in cybersecurity, RMF, information assurance, or related information security roles
* Demonstrated experience performing security control assessments, compliance reviews, or cybersecurity audits
* Strong knowledge of Risk Management Framework (RMF), NIST SP 800-53, and security assessment methodologies
* Experience analyzing technical evidence and articulating cybersecurity risk to technical and non-technical stakeholders
* Prior experience supporting complex DoD or enterprise IT systems
* Active Secret Clearance (or higher) required
* Ability to work onsite at Joint Base Andrews, MD two days per week
* Prior DoD cybersecurity experience required
* CISSP certification required

Preferred Qualifications

* Previous experience serving as a Security Control Assessor (SCA) or SCA-Validator
* Experience supporting Air Force systems or A4 mission environments
* Familiarity with cloud, hybrid, and enclave architectures
* Strong briefing, customer engagement, and stakeholder communication skills
* Additional certifications such as CISM or CISA preferred

Ideal Candidate Profile

* Critical thinker with strong attention to technical detail
* Comfortable operating in mission-focused, high-visibility DoD environments
* Able to balance cybersecurity rigor with operational mission requirements
* Effective collaborator with engineers, program teams, and senior leadership
* Passionate about improving security posture and supporting national security missions