Continuously assess effectiveness of enterprise security controls as the ecosystem expands and the ... Support purple-team exercises and control-efficacy testing to verify depth and resilience under ...
Continuously assess effectiveness of enterprise security controls as the ecosystem expands and the ... Support purple-team exercises and control-efficacy testing to verify depth and resilience under ...
Undertake planned second line risk assessments, application control reviews and third party risk management. * Assist with Executive and Board level risk reporting on Information Security and ...
Undertake planned second line risk assessments, application control reviews and third party risk management. * Assist with Executive and Board level risk reporting on Information Security and ...
Undertake planned second line risk assessments, application control reviews and third party risk management. * Assist with Executive and Board level risk reporting on Information Security and ...
Undertake planned second line risk assessments, application control reviews and third party risk management. * Assist with Executive and Board level risk reporting on Information Security and ...
Sr Lead Security Engineer - Workforce
$111K - $152K/yr
Be responsible for triaging based on risk assessments of various threats and managing resources to ... Expertise in version control systems (e.g., Git, BitBucket) and agile work management tools (e.g ...
Sr Lead Security Engineer - Workforce
$111K - $152K/yr
Be responsible for triaging based on risk assessments of various threats and managing resources to ... Expertise in version control systems (e.g., Git, BitBucket) and agile work management tools (e.g ...
Sr Lead Security Engineer - Workforce
$111K - $152K/yr
Be responsible for triaging based on risk assessments of various threats and managing resources to ... Expertise in version control systems (e.g., Git, BitBucket) and agile work management tools (e.g ...
Sr Lead Security Engineer - Workforce
$111K - $152K/yr
Be responsible for triaging based on risk assessments of various threats and managing resources to ... Expertise in version control systems (e.g., Git, BitBucket) and agile work management tools (e.g ...
Sr Lead Security Engineer - Workforce
Wilmington, DE ยท On-site
$111K - $152K/yr
Be responsible for triaging based on risk assessments of various threats and managing resources to ... Expertise in version control systems (e.g., Git, BitBucket) and agile work management tools (e.g ...
Sr Lead Security Engineer - Workforce
Wilmington, DE ยท On-site
$111K - $152K/yr
Be responsible for triaging based on risk assessments of various threats and managing resources to ... Expertise in version control systems (e.g., Git, BitBucket) and agile work management tools (e.g ...
Oversee enterprise risk assessments, third-party risk management, and control effectiveness evaluations. * Translate regulatory, legal, and contractual requirements into actionable security controls ...
Oversee enterprise risk assessments, third-party risk management, and control effectiveness evaluations. * Translate regulatory, legal, and contractual requirements into actionable security controls ...
... assessments, third-party risk management, and control effectiveness evaluations. โข Translate regulatory, legal, and contractual requirements into actionable security controls and architectural ...
... assessments, third-party risk management, and control effectiveness evaluations. โข Translate regulatory, legal, and contractual requirements into actionable security controls and architectural ...
Oversee enterprise risk assessments, third-party risk management, and control effectiveness evaluations. * Translate regulatory, legal, and contractual requirements into actionable security controls ...
Oversee enterprise risk assessments, third-party risk management, and control effectiveness evaluations. * Translate regulatory, legal, and contractual requirements into actionable security controls ...
Security Engineering * Identity and Access Management (IAM) * Continuous Threat and Exposure ... control monitoring and assessment in alignment with Governance Risk and Control Function * Ensure ...
Security Engineering * Identity and Access Management (IAM) * Continuous Threat and Exposure ... control monitoring and assessment in alignment with Governance Risk and Control Function * Ensure ...
Security Engineering * Identity and Access Management (IAM) * Continuous Threat and Exposure ... control monitoring and assessment in alignment with Governance Risk and Control Function * Ensure ...
Security Engineering * Identity and Access Management (IAM) * Continuous Threat and Exposure ... control monitoring and assessment in alignment with Governance Risk and Control Function * Ensure ...
Security Guard
Wilmington, DE ยท On-site
$15.50 - $19/hr
Provide access control into the Hospital and specific areas of the Hospital as well as apply ... Provide first responder assessment of threats against staff, patients, and families. Qualifications:
Security Guard
Wilmington, DE ยท On-site
$15.50 - $19/hr
Provide access control into the Hospital and specific areas of the Hospital as well as apply ... Provide first responder assessment of threats against staff, patients, and families. Qualifications:
Security Guard
$15.50 - $19/hr
Provide access control into the Hospital and specific areas of the Hospital as well as apply ... Provide first responder assessment of threats against staff, patients, and families. Qualifications:
Security Guard
$15.50 - $19/hr
Provide access control into the Hospital and specific areas of the Hospital as well as apply ... Provide first responder assessment of threats against staff, patients, and families. Qualifications:
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
Quick apply
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
Security Professional Flex Officer
New Castle, DE ยท On-site
$24/hr
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
Security Professional Flex Officer
New Castle, DE ยท On-site
$24/hr
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
Security Professional Flex Officer
New Castle, DE ยท On-site
$24/hr
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
Security Professional Flex Officer
New Castle, DE ยท On-site
$24/hr
... in Access Control Systems to include access badge modification. (i.e., issuing badges, changing ... Assess and evaluate situations effectively; identify critical issues quickly and accurately
Security Engineer III
Wilmington, DE ยท On-site
... assessment documentation, validating outputs and ensuring sensitive data is handled appropriately ... control validation, ensuring traceability/auditability and alignment to resiliency and security ...
Security Engineer III
Wilmington, DE ยท On-site
... assessment documentation, validating outputs and ensuring sensitive data is handled appropriately ... control validation, ensuring traceability/auditability and alignment to resiliency and security ...
Security Engineer III
Wilmington, DE ยท On-site
... assessment documentation, validating outputs and ensuring sensitive data is handled appropriately ... control validation, ensuring traceability/auditability and alignment to resiliency and security ...
Security Engineer III
Wilmington, DE ยท On-site
... assessment documentation, validating outputs and ensuring sensitive data is handled appropriately ... control validation, ensuring traceability/auditability and alignment to resiliency and security ...
Security Engineering * Identity and Access Management (IAM) * Continuous Threat and Exposure ... control monitoring and assessment in alignment with Governance Risk and Control Function * Ensure ...
Security Engineering * Identity and Access Management (IAM) * Continuous Threat and Exposure ... control monitoring and assessment in alignment with Governance Risk and Control Function * Ensure ...
Security Control Assessor information
See Delaware salary details
$8.90 - $15.20
2% of jobs
$15.20 - $21.50
2% of jobs
$21.50 - $27.80
0% of jobs
$27.80 - $34.10
0% of jobs
$34.10 - $40.40
3% of jobs
$40.40 - $46.70
5% of jobs
$50.40 is the 25th percentile. Wages below this are outliers.
$46.70 - $53
21% of jobs
The median wage is $58.13 / hr.
$53 - $59.29
20% of jobs
$59.29 - $65.59
18% of jobs
$67.06 is the 75th percentile. Wages above this are outliers.
$65.59 - $71.89
15% of jobs
$71.89 - $78.19
14% of jobs
$8
$58
$78
How much do security control assessor jobs pay per hour?
Can you make $500,000 a year in cyber security?
Is SOC an entry level job?
What are the key skills and qualifications needed to thrive as a Security Control Assessor, and why are they important?
What skills do you need to be a security control assessor?
What is the difference between Security Control Assessor vs Security Analyst?
| Aspect | Security Control Assessor | Security Analyst |
|---|---|---|
| Certifications | Risk Management Framework (RMF), CISSP, CISA | CISSP, Security+ |
| Work Environment | Federal agencies, DoD, government compliance | Corporate, cybersecurity teams, IT departments |
| Responsibilities | Assess security controls, ensure compliance, audit | Monitor security, analyze threats, implement security measures |
The Security Control Assessor primarily evaluates security controls for compliance and risk management, often within government agencies. In contrast, the Security Analyst focuses on monitoring and analyzing security threats to protect organizational assets. While both roles require cybersecurity knowledge and certifications like CISSP, their focus areas and work environments differ significantly.
What is the role of a security control assessor?
What are the main challenges Security Control Assessors face when evaluating complex information systems?
What are Security Control Assessors?

Other
Re-posted 26 days ago
Job description
Posting Type
Remote/Hybrid
Job Overview
The Advanced Security Engineer is a technically deep, hands-on practitioner who forms the operational backbone of the enterprise security function. Operating within a layered defense-in-depth program, this engineer owns the design, deployment, implementation and optimization of AI-enabled security technologies at all layers. With the goal of enabling automated orchestration of security operations into day-to-day detection and response capabilities, hardening rigor, and rapid response. This role works closely with the Senior Manager of Enterprise Security and cross-functional engineering teams to reduce the organization's attack surface, enable threat landscape adaptability, and improve detection and response times across Relativity's technical ecosystem.Job Description and Requirements
- As applicable, design, deploy and optimize security controls that span perimeter, network, host, application, identity and data layers, ensuring and maintaining effectiveness of controls at each layer.
- Collaborate cross-functionally to ensure controls are aligned to industry recognized frameworks.
- Validate that telemetry from each layer feeds the central analytics platforms and supports 360-degree visibility and appropriate attack surface coverage.
- Continuously assess effectiveness of enterprise security controls as the ecosystem expands and the threat landscape evolves, supplement or extend coverage accordingly.
- Proactively partner with IT, Engineering and other stakeholders to embed security controls natively.
- Periodically provide recommendations on technical design of security controls aligned to vulnerabilities, risks, issues and/or events.
- Support purple-team exercises and control-efficacy testing to verify depth and resilience under attack conditions.
- Ensure redundant, complementary security capabilities to prevent bypasses and ensure failure redundancy through all security layers.
Endpoint Security & Hardening
- Deploy, integrate, optimize and manage EDR/XDR platforms and periodically define custom detections and automated response actions across security tooling.
- Establish and enforce endpoint and image hardening baselines, configuration standards, and application control baselines.
- Integrate endpoint telemetry into the central analytics platform (or SIEM) to support security context and cross-domain correlation; ensure SIEM coverage is adequate and effective.
- Collaborate cross-functionally to ensure security events, exposures, vulnerabilities and alerts are remediated within appropriate SLA's.
- Investigate endpoint-based alerts and incidents through to root cause: perform triage, forensic artifact collection (memory, disk, logs), timeline reconstruction, and containment/eradication actions.
Threat Hunting
- Collaborate cross-functionally to support purple team exercises and analyze security telemetry to surface anomalous and malicious behavior to the relevant stakeholders.
- Develop, execute and document structured hunts mapped to MITRE ATT&CK and ATLAS techniques and current threat intelligence.
- Perform exposure analysis on identified vulnerabilities, zero-day, alert telemetry, threat intelligence feeds and notifications from partners and customers and conclude on exploitability risk and/or exposure.
- Maintain awareness of the evolving threat landscape, adversary TTP's, and emerging vulnerabilities and their relevance to Relativity's technical ecosystem and organizational trajectory.
- Standardize and document hunt methodology, hypotheses, and outcomes and collaborate with security stakeholders to mature threat hunting program over time.
- Convert successful hunts, exposure analysis, purple team findings and alerts into durable, automated detections and containment logic and improved coverage.
AI-Enabled Security Operations
- Build and maintain SOAR workflows that automate enrichment, triage, containment, and routine response actions.
- Measure and continuously improve the impact of automation on time-based detection, containment and response to reduce threat actor dwell time.
- Identify, evaluate and operationalize AI/ML capabilities for semantic anomaly detection, behavioral analytics, alert triage, and prioritization.
Data Security
- Implement data classification, discovery, and data security posture management across cloud and on-premises stores.
- Deploy and tune data loss prevention controls across endpoints, network, email, cloud and SaaS surfaces.
- Investigate data key risk indicators associated with data access, exfiltration, and integrating data telemetry into central analytics (SIEM).
Minimum Qualifications:
- Bachelor's in Computer Science, Information Security, or equivalent experience.
- 5+ years of hands-on experience in enterprise security engineering, with a focus on network and/or endpoint security domains (or) Master's Degree in Cybersecurity or relevant field.
- Hands-on experience with common security tools such as EDR, XDR, SIEM, CNAPP, CSPM, CWP, etc. and intermediate knowledge of applicable security technologies at all layers of the OSI model.
- Threat hunting, digital forensics, and/or detection engineering experience and writing automation scripts and rules for security enforcement and/or observability.
- Basic knowledge of industry standard common security benchmarks and frameworks (e.g., MITRE, NIST, etc.)
- Proficiency in at least one scripting/automation language (Python, Bash, or PowerShell) applied to modern containerized services, CLI based commands, and/or security specific use cases.
- Ability to communicate technical findings clearly to both engineering peers and non-technical stakeholders.
Preferred Qualifications:
- Familiarity with AI-enabled SecOps (e.g., detection: UEBA, ML-based alert prioritization, or AI-assisted threat hunting workflows)
- Basic knowledge of common cloud environments such as AWS, Azure or GCP.
- Working knowledge of software development lifecycle, software engineering practices or infrastructure as code environments: contributing endpoint or network security controls to CI/CD pipelines.
- Experience supporting compliance and audit requirements (SOC 2, ISO 27001, HIPAA) from a technical control perspective.
- Relevant certifications such as SEC+, CISSP, CISA, GCIH, GCFA, GCIA, GPEN, OSCP, CySA+, or equivalent.
Relativity is committed to competitive, fair, and equitable compensation practices.
This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives.
The expected salary range for this role is between following values:
$104,000 and $156,000The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position.
Required Skills:
Endpoint Security, Network Security, Penetration Testing, Security Architecture Design, Security Automation, Security Information, Security Information and Event Management (SIEM), Security Operations, Threat Modeling, Vulnerability Management