ZipRecruiter

Log In

1

Security Control Assessor Jobs in Springfield, VA

Electrosoft

Security Control Assessor

Washington, DC ยท Hybrid

$155K - $165K/yr

Security Control Assessor III Responsibilities: * Leads comprehensive security assessments for complex or high-impact systems. * Oversees control testing strategies, validates remediation ...

Cymertek

Security Control Assessor (SCA)

Mclean, VA

Security Control Assessor (SCA) We are seeking a meticulous and detail-oriented Security Control Assessor (SCA) to join our team and ensure that our information systems meet the highest standards of ...

Navstar

Traveling Security Control Assessor

Alexandria, VA ยท Hybrid

$112K/yr

Security Control Assessor Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires significant travel--please review the position overview below ...

next page

Showing results 1-20

All JobsSecurity Control Assessor JobsSecurity Control Assessor Jobs in Springfield, VA

Security Control Assessor information

See Springfield, VA salary details

$9

$61

$81

How much do security control assessor jobs pay per hour?

As of Jun 14, 2026, the average hourly pay for security control assessor in Springfield, VA is $61.47, according to ZipRecruiter salary data. Most workers in this role earn between $52.79 and $71.15 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Security Control Assessor, and why are they important?

To thrive as a Security Control Assessor, you need expertise in information security principles, risk management frameworks like NIST RMF, and a relevant bachelor's degree or equivalent work experience. Familiarity with security assessment tools, compliance management systems, and certifications such as CISSP, CISA, or CAP is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial for evaluating security controls and reporting findings clearly. These skills ensure accurate risk assessments, regulatory compliance, and robust protection of organizational information assets.

What is the difference between Security Control Assessor vs Security Analyst?

AspectSecurity Control AssessorSecurity Analyst
CertificationsRisk Management Framework (RMF), CISSP, CISACISSP, Security+
Work EnvironmentFederal agencies, DoD, government complianceCorporate, cybersecurity teams, IT departments
ResponsibilitiesAssess security controls, ensure compliance, auditMonitor security, analyze threats, implement security measures

The Security Control Assessor primarily evaluates security controls for compliance and risk management, often within government agencies. In contrast, the Security Analyst focuses on monitoring and analyzing security threats to protect organizational assets. While both roles require cybersecurity knowledge and certifications like CISSP, their focus areas and work environments differ significantly.

What are the main challenges Security Control Assessors face when evaluating complex information systems?

Security Control Assessors often encounter challenges such as rapidly evolving security threats, integrating new technologies, and ensuring compliance with multiple frameworks (like NIST, FISMA, or RMF). Assessing large, interconnected systems requires attention to detail and strong analytical skills to identify vulnerabilities and recommend effective controls. Collaboration with system owners, IT staff, and auditors is essential to obtain comprehensive documentation and clarify system boundaries, which can be a demanding part of the assessment process.

What are Security Control Assessors?

Security Control Assessors (SCAs) are professionals responsible for evaluating the security controls of information systems to ensure they meet required standards and regulations. They conduct assessments, document findings, and provide recommendations to help organizations manage risk and achieve compliance with frameworks such as NIST or FISMA. SCAs play a critical role in maintaining the security and integrity of sensitive data by identifying vulnerabilities and verifying that corrective actions are implemented effectively.
What are the most commonly searched types of Security Control Assessor jobs in Springfield, VA? The most popular types of Security Control Assessor jobs in Springfield, VA are:
What are popular job titles related to Security Control Assessor jobs in Springfield, VA? For Security Control Assessor jobs in Springfield, VA, the most frequently searched job titles are:
What job categories do people searching Security Control Assessor jobs in Springfield, VA look for? The top searched job categories for Security Control Assessor jobs in Springfield, VA are:
What cities near Springfield, VA are hiring for Security Control Assessor jobs? Cities near Springfield, VA with the most Security Control Assessor job openings:
Security Control Assessor jobs near you
Security Control Assessor

Security Control Assessor

System High Corporation

Chantilly, VA โ€ข On-site

Contractor

Posted 4 days ago

Job description

Position Overview
A Cybersecurity Subject Matter Expert provides expert-level cybersecurity analysis, engineering, and assessment services for complex, multi-domain systems. This role acts as a senior technical advisor and Security Control Assessor (SCA), specializing in integrating security throughout the system lifecycle, translating technical risks into mission-impact statements, and guiding the implementation of advanced security architectures.
Principal Duties and Responsibilities:
  • Provides strategic cybersecurity guidance and participates in technical reviews (e.g., SRR, PDR, CDR) to ensure security is integrated from the initial design phase and throughout the system development lifecycle.
  • Executes the Risk Management Framework (RMF) process, providing risk determinations and recommendations to the Authorizing Official (AO).
  • As a Security Control Assessor (SCA), executes the Risk Management Framework (RMF) process across Federal, DoD, and IC policies. Provides continuous risk determinations and actionable recommendations directly to the Authorizing Official (AO).
  • Conducts deep technical validation of security controls by reviewing vulnerability scans (e.g., ACAS/Nessus), STIG checklists, and penetration test reports to correlate findings with operational mission risk.
  • Evaluates the security performance, integrity, and residual risk of diverse and complex architectures, including Platform Information Technology (PIT), cloud environments, communication networks, and satellite control systems.
  • Guides the adoption and implementation of DoD Zero Trust principles and provides specialized expertise in the design and evaluation of Cross Domain Solutions (CDS).
  • Functions as a technical liaison between engineering teams, program leadership, and external government and industry partners.

Required Skills (Knowledge, Skills, Abilities):
  • Requires a minimum of twelve (12) years of demonstrated experience in IT, cybersecurity engineering, and/or Assessment & Authorization (A&A).
  • Certification: Must hold a current certification compliant with DoD 8140.01 for IAT Level III or IAM Level III (e.g., CISSP, CISM, GSLC, CASP+ CE).
  • Technical Expertise: Must have proven hands-on experience with systems integration, enterprise networks, cloud computing systems, or Platform IT architectures.
  • Ample experience with Special Access Program (SAP) and Sensitive Compartmentalized Information (SCI) Systems preferred.

Travel Requirements
  • Some travel is required for this position.
  • Ability to travel to CONUS and/or OCONUS locations
  • Must have active US passport for OCONUS travel requirements

Clearance
  • Clearance: Must possess an active Top-Secret clearance with eligibility for SCI and SAP access.

Additional Information
  • This job description is not designed to cover or contain all job duties required of the employee. There may be additional activities, duties and/or responsibilities that are required for this position that are not listed in this job description.
  • In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
  • System High is a Military friendly employer. Our extensive work on behalf of the U.S. government offers those who have served in uniform an opportunity to continue to serve their country in a new and exciting way while enjoying a successful civilian career.
  • System High values the power and strength of diverse backgrounds on the culture and performance of our company. We strive to maintain an inclusive culture to encourage each employee to bring their whole self to the mission.
  • System High Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran status, or any other characteristic protected by law. We are proud to be an equal opportunity workplace.
  • If you require a reasonable accommodation to apply for a position with us, please email recruiting@systemhigh.com
  • Legal notices can be viewed on the following PDFs: Know Your Rights: Workplace Discrimination is Illegal; EPPA Notice; FMLA Notice

Warning: Beware of recruitment scams: System High will never request money or personal purchases during the hiring process. Verify all communications come from a systemhigh.com or msg.paycomonline.com email address.

Apply