ClearanceJobs

Senior Security Control Assessor

ClearanceJobs, Washington, District of Columbia, US, 20022

Blu Omega is seeking a detail-oriented and experienced Security Control Assessor (SCA) to perform comprehensive security and privacy control assessments of IT systems in alignment with the NIST Risk Management Framework (RMF). The successful candidate will bring hands-on expertise in evaluating security postures, identifying risks, and ensuring compliance with federal policies and frameworks. This is an excellent opportunity for professionals passionate about cybersecurity and risk management, looking to support critical national security initiatives.

Key Responsibilities

- Conduct independent security control assessments following NIST SP 800-37 and 800-53 standards, ensuring thorough evaluation of technical, operational, and managerial controls.
- Review and analyze security documentation such as Security Supplement Plans (SSPs), Plans of Action & Milestones (POA&Ms), and security authorization documentation to support system Authorization to Operate (ATO) processes.
- Identify and document vulnerabilities, compliance gaps, and security risks; develop and recommend effective mitigation strategies.
- Assess the impact of system updates, network changes, or technology upgrades on overall security posture, providing guidance on risk implications.
- Participate actively in governance and risk review boards, offering expert advice on security concerns and compliance issues.
- Collaborate with system owners, engineers, and stakeholders to verify the proper implementation and functioning of security controls.
- Support vulnerability scans, compliance audits, and configuration reviews to identify and remediate security issues promptly.
- Contribute to the RMF documentation lifecycle, including creating and updating Concept of Operations (CONOPS), System Security Plans (SSPs), test plans, and risk assessments.

Required Skills & Experience

Core Skills:

- Strong risk assessment and threat modeling capabilities
- Expertise in validating and testing security controls
- Knowledge of RMF processes and NIST SP 800-53/800-37 standards
- Experience tracking and remediating POA&Ms
- Familiarity with vulnerability scanning tools such as Nessus, Qualys, etc.
- Understanding of secure network architectures and system configurations

Technical Competence:

- Solid understanding of cybersecurity principles: confidentiality, integrity, availability
- Experience reviewing and developing security documentation
- Knowledge of enterprise IT systems, cloud environments, and network infrastructure

Qualifications (Senior Level):

- 7+ years of experience in cybersecurity and risk assessment
- Master's degree or equivalent professional certifications and experience
- Extensive expertise in A&A processes, RMF, and control assessments

Preferred Certifications (Optional but Beneficial):

- CAP, CISSP, CISM, CISA, CEH, Security+, or similar credentials

Why Join Blu Omega?

Be part of a passionate team committed to national security and safeguarding critical information. At Blu Omega, you'll have the opportunity to work on impactful projects in a collaborative environment that fosters professional growth, innovation, and excellence.