This role evaluates the design and operating effectiveness of security controls, validates evidence ... Plan assessment activities: scope, methodology, schedules, evidence requests, interviews, and ...
This role evaluates the design and operating effectiveness of security controls, validates evidence ... Plan assessment activities: scope, methodology, schedules, evidence requests, interviews, and ...
Evaluate security controls, assess their impact on systems, and develop mitigation strategies where necessary. Requirements: * 5 yrs experience supporting RMF-based ATO processes. * Hands-on ...
Quick apply
Evaluate security controls, assess their impact on systems, and develop mitigation strategies where necessary. Requirements: * 5 yrs experience supporting RMF-based ATO processes. * Hands-on ...
Evaluate security controls, assess their impact on systems, and develop mitigation strategies where necessary. Requirements * 5 yrs experience supporting RMF-based ATO processes. * Hands-on ...
Evaluate security controls, assess their impact on systems, and develop mitigation strategies where necessary. Requirements * 5 yrs experience supporting RMF-based ATO processes. * Hands-on ...
The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD ...
The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD ...
Continuously assess effectiveness of enterprise security controls as the ecosystem expands and the threat landscape evolves, supplement or extend coverage accordingly. * Proactively partner with ...
Continuously assess effectiveness of enterprise security controls as the ecosystem expands and the threat landscape evolves, supplement or extend coverage accordingly. * Proactively partner with ...
The selected candidate will assist in evaluating security controls, supporting Security Assessment and Authorization (SA&A) efforts, and maintaining compliance with applicable cybersecurity ...
The selected candidate will assist in evaluating security controls, supporting Security Assessment and Authorization (SA&A) efforts, and maintaining compliance with applicable cybersecurity ...
Evaluate security controls, assess their impact on systems, and develop mitigation strategies where necessary. Requirements * 5 yrs experience supporting RMF-based ATO processes. * Hands-on ...
Evaluate security controls, assess their impact on systems, and develop mitigation strategies where necessary. Requirements * 5 yrs experience supporting RMF-based ATO processes. * Hands-on ...
Sr. Information Security GRC Analyst
$115K - $125K/yr
In this role, you will assess and strengthen IT and security controls across the organization while ensuring alignment with regulatory, statutory, and industry security standards including ISO/IEC ...
Sr. Information Security GRC Analyst
$115K - $125K/yr
In this role, you will assess and strengthen IT and security controls across the organization while ensuring alignment with regulatory, statutory, and industry security standards including ISO/IEC ...
The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD ...
The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD ...
The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD ...
Quick apply
The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD ...
The selected candidate will assist in evaluating security controls, supporting Security Assessment and Authorization (SA&A) efforts, and maintaining compliance with applicable cybersecurity ...
The selected candidate will assist in evaluating security controls, supporting Security Assessment and Authorization (SA&A) efforts, and maintaining compliance with applicable cybersecurity ...
The selected candidate will assist in evaluating security controls, supporting Security Assessment and Authorization (SA&A) efforts, and maintaining compliance with applicable cybersecurity ...
Quick apply
The selected candidate will assist in evaluating security controls, supporting Security Assessment and Authorization (SA&A) efforts, and maintaining compliance with applicable cybersecurity ...
Assess security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A) processes and ...
Assess security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A) processes and ...
Our 2026 Campus Defense & Security Financial Management (FM) IT Risk and Controls consultants help ... Performing rigorous assessments of IT controls using industry-standard guidance and leading ...
Our 2026 Campus Defense & Security Financial Management (FM) IT Risk and Controls consultants help ... Performing rigorous assessments of IT controls using industry-standard guidance and leading ...
Assess security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A) processes and ...
Assess security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A) processes and ...
Security Architect
Indianapolis, IN · On-site
$62 - $80.25/hr
... assessments by evaluating compliance gaps, developing remediation plans, and supporting implementation of required security controls. * Review and monitor firm systems to ensure compliance with ...
Security Architect
Indianapolis, IN · On-site
$62 - $80.25/hr
... assessments by evaluating compliance gaps, developing remediation plans, and supporting implementation of required security controls. * Review and monitor firm systems to ensure compliance with ...
Assess security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A) processes and ...
Assess security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A) processes and ...
Assess and evaluate security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A ...
Assess and evaluate security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A ...
Assess and evaluate security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A ...
Assess and evaluate security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A ...
Assess and evaluate security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A ...
Assess and evaluate security controls based on cybersecurity principles and frameworks including NIST SP 800-53 and the Cybersecurity Framework. * Support Security Assessment & Authorization (SA&A ...
Security Controls Assessor information
See Indiana salary details
$8.46 - $14.45
2% of jobs
$14.45 - $20.44
2% of jobs
$20.44 - $26.43
0% of jobs
$26.43 - $32.42
0% of jobs
$32.42 - $38.41
3% of jobs
$38.41 - $44.40
5% of jobs
$47.92 is the 25th percentile. Wages below this are outliers.
$44.40 - $50.39
21% of jobs
The median wage is $55.27 / hr.
$50.39 - $56.37
20% of jobs
$56.37 - $62.36
18% of jobs
$63.75 is the 75th percentile. Wages above this are outliers.
$62.36 - $68.35
15% of jobs
$68.35 - $74.34
14% of jobs
$8
$55
$74
How much do security controls assessor jobs pay per hour?
What are Security Controls Assessors?
What are the key skills and qualifications needed to thrive as a Security Controls Assessor, and why are they important?
What are some common challenges Security Controls Assessors face when evaluating compliance across multiple systems?
What Does a Security Controls Assessor Do?
A security controls assessor (SCA) evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems, working either alone or as part of a team. As a security controls assessor, your duties begin with conducting an in-depth assessment of the management, operations, and technical security controls. You must analyze information and prepare reports describing the vulnerability level of the network with specific detail as to what compromises data systems. You then develop a plan to address vulnerabilities and continue to monitor the security of network systems.
What is the difference between Security Controls Assessor vs Security Analyst?
| Aspect | Security Controls Assessor | Security Analyst |
|---|---|---|
| Certifications | ISO 27001 Lead Auditor, CISSP, CISA | CISSP, Security+ |
| Work Environment | Assessing security controls, compliance audits | Monitoring security systems, incident response |
| Employer & Industry | Government agencies, compliance firms | Corporate IT, cybersecurity teams |
The Security Controls Assessor primarily evaluates and verifies security controls for compliance, often in government or regulated environments. In contrast, a Security Analyst focuses on monitoring, analyzing, and responding to security threats within organizations. While both roles require security certifications and involve cybersecurity, their core responsibilities and work settings differ significantly.
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
This job post has expired today. Applications are no longer accepted.
Rolls-Royce rating
9.0
Based on 14 frontline employees who took The Breakroom Quiz
26th of 430 rated machine equipment manufacturers
Job description
Job Description
Job Title: Cyber Controls Assessor
Working Pattern: Full-time
Working location: Indianapolis, IN (Hybrid Schedule)
We are seeking a Cyber Controls Assessor to plan and execute security control assessments aligned with CMMC and/or NIST SP 800-53. This role evaluates the design and operating effectiveness of security controls, validates evidence, documents results, and partners with technical and business stakeholders to reduce risk and strengthen compliance-especially in environments supporting U.S. DoD and federal requirements. Experience in the aerospace industry or working with DoD / U.S. federal government programs is a strong plus.
Why Rolls-Royce?
Rolls-Royce is one of the most enduring and iconic brands in the world and has been at the forefront of innovation for over a century. We design, build and service systems that provide critical power to customers where safety and reliability are paramount.
We are proud to be a force for progress, powering, protecting and connecting people everywhere.
We want to ensure that the excellence and ingenuity that has shaped our history continues into our future and we need people like you to come and join us on this journey.
Rolls-Royce has been recognized as the top employer in the Engineering & Manufacturing category on the prestigious Forbes Top Employers for Engineers list for 2025. This ranking highlights our commitment to innovation, employee development, and fostering a collaborative environment where engineers can thrive.
Be part of a team that sets the industry standard and drives groundbreaking solutions.
At Rolls-Royce, we are committed to creating a workplace where all employees feel respected, supported, and empowered to do their best work. We foster a welcoming and innovative work environment that invests in you, giving you access to an incredible breadth and depth of opportunities where you can grow your career and make a difference.
Rolls-Royce is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to any protected characteristics.
What you will be doing
With this attractive opportunity you will get a chance to:
- Conduct security control assessments against CMMC and/or NIST SP 800-53 (and related standards as applicable).
- Plan assessment activities: scope, methodology, schedules, evidence requests, interviews, and sampling.
- Evaluate control implementation and effectiveness through documentation review, technical validation, and stakeholder walkthroughs.
- Collect, validate, and organize assessment evidence; maintain clear traceability from requirements to test results.
- Produce assessment deliverables such as control test plans, assessment reports, findings/risk statements, POA&Ms, and executive summaries.
- Identify control gaps and provide practical remediation recommendations aligned to risk and operational constraints.
- Partner with engineering, IT, security, and program teams to validate remediation and perform follow-up testing.
- Support governance activities including policy/standard updates, risk register inputs, and continuous monitoring improvements.
- Contribute to audit readiness and compliance support for federal/DoD-aligned environments (e.g., SSP/assessment artifacts as relevant).
- Maintain professional documentation standards and ensure consistent assessment quality across programs.
Who we're looking for:
At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fundamental qualities that we seek for all roles.
Basic Requirements:
- Associate's degree in Information Technology, Cybersecurity, Information Systems or and 7+ years of relevant IT experience, OR
- Bachelor's degree in Information Technology, Cybersecurity, Information Systems and 5+ years of relevant IT experience, OR
- Master's degree in Information Technology, Cybersecurity, Information Systems, and 3+ years of relevant IT experience, OR
- PhD and no years of experience, OR
- 9+ years of experience in lieu of degree
Preferred Requirements:
- Experience working on NIST RMF or controls assessment
- Experience as a SOC Security Analyst and familiarity with industry leading security products such as SIEMs and networking mapping, vulnerability scanning and packet capture and data analytics tools
- Experience of network anomaly detectionusingtraffic analysisornetworkintruderdetection systems
- A basic understanding of the cyber kill chain in relation to Advanced Persistent Threats (APTs)
- Experience and knowledge of threat actor tactics, techniques and procedures, vulnerabilities, attacks and countermeasures.
- Experience of presenting on cyber security issues
What we offer
We offer excellent development opportunities, a competitive salary, and exceptional benefits. These include bonus, employee support assistance and employee discounts.
Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office or home. It's a locally managed and flexed informal discretionary arrangement. As a minimum we're all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.
Relocation assistance is available for this position.
Global Grade Level C
Closing date: July 6th, 2026
Job Category
Job Posting Date
Pay Range
Location:
Benefits
Rolls-Royce provides a comprehensive and competitive Total Rewards package that includes base pay and a discretionary bonus plan. Eligible employees may have the opportunity to enroll in other benefits, including health, dental, vision, disability, life and accidental death & dismemberment insurance; a flexible spending account; a health savings account; a 401(k) retirement savings plan with a company match; Employee Assistance Program; Paid Time Off; certain paid holidays; paid parental and family care leave; tuition reimbursement; and a long-term incentive plan. The options available to an employee may vary depending on eligibility factors such as date of hire, employment type, and the applicability of collective bargaining agreements.
What Rolls-Royce employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Rolls-Royce
Sourced by ZipRecruiter