Logo
Emerging Tech, LLC

Emerging Tech, LLC is hiring: Security Assessment Tester / SCA in Washington

Emerging Tech, LLC, Washington, DC, US, 20022

Save Job

Emerging Tech is seeking a Security Assessment Tester / Security Control Assessor (SCA) to support the Department of Health and Human Services (HHS) Enterprise Shared Services (ESS) Line of Business (LoB) and other Federal customers. The SCA will perform security control assessments, vulnerability analysis, and technical testing to validate compliance with NIST, FISMA, and Federal regulations. The role includes conducting physical security walkthroughs, network and system scans, and Personal Identity Verification (PIV) Card Issuance Facility (PCIF) assessments. The ideal candidate will have hands-on expertise with security testing tools, vulnerability assessments, and control evaluation, paired with the ability to deliver clear documentation and actionable recommendations. This is a hybrid role requiring on-site work in the Washington, D.C., Maryland, and Virginia (DMV) area, with occasional travel across the continental U.S. for on-site assessments. 

Responsibilities and Duties    

  • Conduct security control assessments (SCAs) in accordance with NIST SP 800-53, 800-53A, and FISMA requirements. 

  • Perform technical vulnerability analysis, including scans of web applications, servers, networks, and databases. 

  • Execute physical security walkthroughs and assessments of facilities, including PCIF and OpDiv assessments per NIST 800-79. 

  • Configure, interpret, and identify vulnerabilities and false positives from automated scans. 

  • Support the development and remediation of Corrective Action Plans (CAPs) for PCIF facilities. 

  • Identify existing and potential organizational security weaknesses across personnel, operational, physical, and logical security controls. 

  • Deliver assessment reports, documentation, and presentations summarizing findings and recommendations. 

  • Assist with continuous monitoring and system authorization activities to support Authority to Operate (ATO) processes. 

  • Maintain testing tools, laptops, and security assessment materials. 

  • Provide weekly status reports and project plans for customer engagements. 

  • Support ESS LoB federal program managers and customers in both HHS and non-HHS agencies, adapting to shifting priorities. 

  • Travel as required across the U.S. to conduct on-site assessments. 

Qualifications and Skills   

  • 5–8 years of IT security experience performing and configuring scans, testing systems, and evaluating security controls. 

  • CISSP certification (or equivalent in penetration testing and vulnerability assessment) required. 

  • Strong understanding of Federal IT security laws, directives, and policies. 

  • Experience performing compliance validation and assessments under NIST, FISMA, and FISCAM frameworks. 

  • Familiarity with secured and non-secured environments and associated security requirements. 

  • Proficiency with security testing tools, including but not limited to: 

  • Nmap, Netcat, Nipper Studio 

  • Nessus, Security Center, Microsoft Baseline Security Analyzer 

  • Wireshark, Core Impact, IBM AppScan Standard, Burp Suite Professional, AppDetective Pro, WebInspect 

  • Understanding of security policies and procedures, including physical security of testing machines and restricted access requirements. 

  • Strong written and verbal communication skills for reports, presentations, and stakeholder engagement. 

  • Ability to independently perform technical evaluations and provide clear justifications for compliance/non-compliance findings. 

What We Offer   

  • Benefits: Comprehensive health, dental, and vision benefits     

  • Retirement: 401K savings plan with company match     

  • Work Environment: Remote flexibility with occasional travel to federal sites as needed   

  • Paid Time Off (PTO): Generous PTO and federal holidays   

  • Performance Evaluation/Retention Bonus: Opportunity for performance-based bonuses     

Equal Opportunity Employer    

Emerging Tech, LLC is an equal opportunity employer and prohibits discrimination and harassment of any kind. We are committed to providing a workplace that is inclusive and free of employment discrimination on the basis of race, color, religion, sex, national origin, age, disability, or any other status protected by applicable federal, state, or local law. This commitment extends to all aspects of employment, including hiring, promotion, transfer, compensation, benefits, training, social, and recreational activities.    

We value diversity and strive to create a positive and inclusive work environment where all employees are treated with dignity and respect. Decisions regarding employment are made based on an individual's qualifications as they relate to the job for which they are applying.