A Square Group (ASG)

Lead Security Control Assessor

A Square Group (ASG), Frederick, Maryland, United States, 21701

Overview

Lead Security Control Assessor role at A Square Group (ASG).

Location

Remote/National Capital Region

Company Description

ASG is a Minority- and Woman-Owned, Physician-Owned small business with over 15 years of experience in federal government contracting. We deliver a wide range of technology services, including software development, mobile apps, AI/ML, analytics, data science, big data, DevSecOps, digital transformation, cloud, and cybersecurity. ASG is CMMI Level 3 certified and holds ISO 9001:2015, 20000-1:2018, and 27001:2022 certifications.

Job Description

ASG is seeking a Lead Security Control Assessor. This role provides leadership and expertise in Risk Management Framework (RMF) control assessments, security validation, and accreditation support across the enterprise IT systems. The Lead Security Control Assessor will be responsible for planning, leading, and executing security control assessments, mentoring junior assessors, and ensuring compliance with DoD, DISA, and NIST 800-53 control requirements. The role also supports the preparation and validation of Authorization to Operate (ATO) packages and contributes to overall cybersecurity readiness.

What You Will Do

- Lead Security Control Assessment (SCA) activities across enterprise systems, including review of security documentation, technical validation, and control testing.
- Perform independent security assessments in alignment with NIST SP 800-53, DISA STIGs, and DoD RMF guidance.
- Provide expert input for System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and ATO packages.
- Coordinate with ISSMs, ISSOs, system owners, and cybersecurity staff to track remediation and verify corrective actions.
- Ensure compliance with DISA cybersecurity policies, CNSSI guidance, and CND directives.
- Lead assessment teams, providing mentorship, task direction, and quality oversight.
- Deliver risk assessments, gap analyses, and recommendations to government stakeholders.
- Develop assessment methodologies, SOPs, and templates to streamline control validation.
- Support audit readiness and participate in DoD inspections and cyber readiness exercises.
- Communicate technical findings to senior leadership, translating risks into actionable recommendations.
- Other duties as assigned.

Requirements

What We Need:

- Minimum of 8 years of cybersecurity and RMF/assessment experience, with at least 3 years in a senior or lead assessor role.
- Proven ability to lead control validation efforts for large-scale DoD or DISA systems.
- Comprehensive knowledge and experience in key tasks and high-impact assignments.
- Demonstrated ability to plan and lead major technology initiatives.
- Proven experience evaluating performance outcomes and recommending improvements that drive project success.
- Recognized as a technical expert across multiple projects or domains.
- Travel up to 25% may be required based on project needs.

Certifications

- Security+ CE (minimum).
- At least one advanced certification: CISSP, CISM, CAP, GSCA, or similar.

Clearance

Active Secret Clearance.

Even Better

- Bachelor's or Master's degree in Cybersecurity, IT, or related field.
- CISSP-ISSAP/ISSEP, CISA, or GSNA for advanced risk/assessment expertise.
- Hands-on familiarity with eMASS, Nessus/ACAS, HBSS/Tanium, and other DoD assessment tools.
- Experience with continuous monitoring, POA&M closure, and vulnerability remediation.
- Strong written and verbal communication skills for assessment reports and leadership briefings.
- Familiarity with cloud RMF authorizations (AWS GovCloud, Azure Government).

Additional Information

ASG is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. If you require a reasonable accommodation during the application process, please contact hr@a2-g.com.

Perks

- Healthcare Benefits
- Life Insurance
- Disability Coverage
- Paid Time Off
- 401k Matching
- Employee Referral Bonus
- Education Assistance
- Learning and Development Resources

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

IT Services and IT Consulting