Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives. * Develop and ...
Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives. * Develop and ...
The role involves assessing and evaluating the effectiveness of security controls, identifying ... Responsibilities : • Assess the effectiveness of security controls in information systems • ...
The role involves assessing and evaluating the effectiveness of security controls, identifying ... Responsibilities : • Assess the effectiveness of security controls in information systems • ...
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
Quick apply
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
The role involves assessing and evaluating the effectiveness of security controls, identifying ... Responsibilities : • Assess the effectiveness of security controls in information systems • ...
The role involves assessing and evaluating the effectiveness of security controls, identifying ... Responsibilities : • Assess the effectiveness of security controls in information systems • ...
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
Quick apply
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
Assess technical, operational, and management controls * Document findings in Security Assessment Reports (SARs) * Recommend corrective actions for identified vulnerabilities * Validate system ...
Assess technical, operational, and management controls * Document findings in Security Assessment Reports (SARs) * Recommend corrective actions for identified vulnerabilities * Validate system ...
Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives. * Develop and ...
Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives. * Develop and ...
Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives. * Develop and ...
Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives. * Develop and ...
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
Quick apply
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
Assess the effectiveness of security controls in information systems * Conduct security control ... testing and evaluations * Identify security gaps and vulnerabilities in systems * Collaborate with ...
Assess the effectiveness of security controls in information systems * Conduct security control ... testing and evaluations * Identify security gaps and vulnerabilities in systems * Collaborate with ...
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
SME Security Control Assessor
Arlington, VA · On-site
$45 - $50/hr
Applying NIST security controls and frameworks * Support continuous monitoring activities * Assist with security documentation review * Contribute to Plans of Action and Milestones (POA&Ms ...
Security Control Assessor
Washington, DC · On-site
$75/hr
Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual ...
Security Control Assessor
Washington, DC · On-site
$75/hr
Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual ...
Assess the effectiveness of security controls in information systems * Conduct security control ... testing and evaluations * Identify security gaps and vulnerabilities in systems * Collaborate with ...
Assess the effectiveness of security controls in information systems * Conduct security control ... testing and evaluations * Identify security gaps and vulnerabilities in systems * Collaborate with ...
Assess the effectiveness of security controls in information systems * Conduct security control ... testing and evaluations * Identify security gaps and vulnerabilities in systems * Collaborate with ...
Assess the effectiveness of security controls in information systems * Conduct security control ... testing and evaluations * Identify security gaps and vulnerabilities in systems * Collaborate with ...
Security Control Assessor
Washington, DC · On-site
... controls from NIST 800-53/CNSS 1253 is required • Experience with the Risk Management Framework, NIST 800-37 • Specific Experience with writing Security Assessment Plans and Reports is required ...
Security Control Assessor
Washington, DC · On-site
... controls from NIST 800-53/CNSS 1253 is required • Experience with the Risk Management Framework, NIST 800-37 • Specific Experience with writing Security Assessment Plans and Reports is required ...
Security Control Assessor, Mid
$95K - $105K/yr
Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual ...
Security Control Assessor, Mid
$95K - $105K/yr
Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual ...
Security Control Assessor, Mid
Washington, DC · On-site
$95K - $109K/yr
Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual ...
Security Control Assessor, Mid
Washington, DC · On-site
$95K - $109K/yr
Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting system security assessments, supporting the system security authorization to operate process, and conducting annual ...
Senior Security Control Assessor with Security Clearance
Arlington, VA · On-site
$120K - $135K/yr
Senior Security Control Assessor Remote - Must be local to DC Metro area Public Trust Eligible Blu ... Evaluate technical, operational, and management controls for effectiveness. * Support system ...
Senior Security Control Assessor with Security Clearance
Arlington, VA · On-site
$120K - $135K/yr
Senior Security Control Assessor Remote - Must be local to DC Metro area Public Trust Eligible Blu ... Evaluate technical, operational, and management controls for effectiveness. * Support system ...
This role will involve collaborating with various stakeholders to assess system security controls, document assessment findings, and support ongoing compliance efforts. Qualifications: Bachelor ...
This role will involve collaborating with various stakeholders to assess system security controls, document assessment findings, and support ongoing compliance efforts. Qualifications: Bachelor ...
Traveling Security Control Assessor
Alexandria, VA · Hybrid
$87K - $157K/yr
Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This ... Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and ...
Traveling Security Control Assessor
Alexandria, VA · Hybrid
$87K - $157K/yr
Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This ... Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and ...
Security Controls Assessor information
See Reston, VA salary details
$9.25 - $15.80
2% of jobs
$15.80 - $22.35
2% of jobs
$22.35 - $28.90
0% of jobs
$28.90 - $35.44
0% of jobs
$35.44 - $41.99
3% of jobs
$41.99 - $48.54
5% of jobs
$52.39 is the 25th percentile. Wages below this are outliers.
$48.54 - $55.09
21% of jobs
The median wage is $60.43 / hr.
$55.09 - $61.63
20% of jobs
$61.63 - $68.18
18% of jobs
$69.70 is the 75th percentile. Wages above this are outliers.
$68.18 - $74.73
15% of jobs
$74.73 - $81.28
14% of jobs
$9
$61
$81
How much do security controls assessor jobs pay per hour?
What are Security Controls Assessors?
What are the key skills and qualifications needed to thrive as a Security Controls Assessor, and why are they important?
What are some common challenges Security Controls Assessors face when evaluating compliance across multiple systems?
What Does a Security Controls Assessor Do?
A security controls assessor (SCA) evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems, working either alone or as part of a team. As a security controls assessor, your duties begin with conducting an in-depth assessment of the management, operations, and technical security controls. You must analyze information and prepare reports describing the vulnerability level of the network with specific detail as to what compromises data systems. You then develop a plan to address vulnerabilities and continue to monitor the security of network systems.
What is the difference between Security Controls Assessor vs Security Analyst?
| Aspect | Security Controls Assessor | Security Analyst |
|---|---|---|
| Certifications | ISO 27001 Lead Auditor, CISSP, CISA | CISSP, Security+ |
| Work Environment | Assessing security controls, compliance audits | Monitoring security systems, incident response |
| Employer & Industry | Government agencies, compliance firms | Corporate IT, cybersecurity teams |
The Security Controls Assessor primarily evaluates and verifies security controls for compliance, often in government or regulated environments. In contrast, a Security Analyst focuses on monitoring, analyzing, and responding to security threats within organizations. While both roles require security certifications and involve cybersecurity, their core responsibilities and work settings differ significantly.
Job description
Position Description:
The Security Control Assessor (SCA) will be responsible for evaluating and assessing the security controls of Defense Security Cooperation Agency's (DSCA) information systems. This role involves conducting comprehensive assessments to ensure compliance with federal cybersecurity standards and providing recommendations to improve the agency's security posture.
Clearance: Active Secret Clearance
Work Location: Washington DC
Responsibilities and/or Success Factors:
- Conduct thorough assessments of security controls on DSCA's information systems and networks to ensure compliance with federal regulations, including NIST, FISMA, and DoD directives.
- Develop and maintain assessment documentation, including Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Plan of Action and Milestones (POA&Ms).
- Perform risk assessments to identify potential security threats and vulnerabilities.
- Provide detailed recommendations to mitigate identified risks and enhance the security posture of DSCA's information systems.
- Collaborate with system owners, IT staff, and cybersecurity teams to ensure effective implementation of security controls.
- Conduct continuous monitoring activities to ensure ongoing compliance with security policies and procedures.
- Provide guidance on the security assessment and authorization (A&A) process, including developing and maintaining System Security Plans (SSPs).
- Assist in the development and delivery of cybersecurity training and awareness programs for DSCA personnel.
- Stay current with the latest cybersecurity threats, trends, and technologies to continuously improve assessment methodologies and practices.
- Participate in security audits and reviews to ensure adherence to established security standards and best practices.
Minimum Qualifications Including Certificates:
- Must be a US Citizen.
- Must have a Secret Clearance
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (Master's degree preferred).
- Minimum of 5 years of experience in information security, with a focus on security control assessment and risk management.
- Certifications such as CISSP, CISM, CISA, CAP, or equivalent are highly desirable.
- In-depth knowledge of federal cybersecurity regulations and standards, including NIST SP 800 series and FISMA.
- Proven experience in conducting security control assessments and developing security assessment documentation.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong communication and interpersonal skills, with the ability to effectively communicate complex cybersecurity concepts to technical and non-technical stakeholders.
- Ability to work independently and collaboratively in a fast-paced environment.
Desired Qualifications:
- eMASS, cloud, STIGS experience
About Arlo Solutions
Sourced by ZipRecruiter
Industry
It services
Company size
1 - 10 Employees
Headquarters location
Washington, DC, US
Year founded
2014