ALTA IT Services
Security Control Assessor
Per Federal Contract, U.S. Citizenship Required
Must be able to pass federal background check for DOJ Public Trust Clearance
Onsite ONLY – Washington, DC (5 days a week on-site); No telework allowed
Candidates with Active DOJ Clearance are encouraged to apply.
Start Date 1/26/2026
$85.78/hr W2 ONLY.
This role will involve performing security control assessments, utilizing the NIST Risk Management Framework (RMF), and supporting the overall cybersecurity efforts to safeguard DOJ systems and information. The ideal candidate will have a strong background in security control assessments, specifically utilizing the NIST RMF and related publications. This is an on-site position based in the D.C. area with occasional travel.
Responsibilities
Perform security control assessments using the NIST Risk Management Framework (RMF) for DOJ ATR systems.
Leverage the Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM) to conduct assessments, manage security controls, and provide recommendations.
Collaborate with Information System Security Officers (ISSOs) and other teams to obtain required information and support system security assessments.
Develop and maintain Plans of Actions and Milestones (POAMs) and provide recommendations for mitigating security risks.
Review and assess system security documentation, including System Security Plans (SSPs), security assessments, and continuous monitoring activities.
Conduct vulnerability management activities, including assessing remediation efforts and verifying controls.
Provide recommendations on account management, configuration management, incident response, cloud computing environments, and contingency planning.
Maintain and update knowledge of federal security requirements and industry standards.
Work independently and manage tasks effectively while maintaining flexibility to adapt to changes in tasking.
Personal Skills
Analytical: Ability to assess complex security issues and propose solutions.
Independent: Able to work autonomously with little to no supervision.
Team-Oriented: Collaborates effectively with ISSOs and other stakeholders.
Flexible: Adaptable to changes in priorities or tasking.
Inquisitive: Strong ability to ask the right questions to gather information and clarify requirements.
Outgoing: Comfortable interacting with multiple teams to gather necessary information and support security efforts.
Job Requirements
Bachelor’s degree with 8+ years of relevant experience. Additional experience may be considered in lieu of a degree.
Minimum of 3 to 5 years performing security control assessments using the NIST Risk Management Framework (RMF).
Experience with or Federal Law Enforcement Agency organizations is preferred but not required.
Knowledge of NIST Risk Management Framework (RMF):
SP 800-53A Rev. 5: Assessing Security and Privacy Controls in Information Systems and Organizations
SP 800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations
SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations
SP 800-137: Information Security Continuous Monitoring (ISCM)
SP 800-18 Rev. 1: Guide for Developing Security Plans for Federal Information Systems
FIPS 200: Minimum Security Requirements for Federal Information and Information Systems
FIPS 199: Standards for Security Categorization of Federal Information and Information Systems
Experience with Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM):
Use of JCAM for assessment and management of security controls for Federal LEA systems.
In-depth Knowledge in the following principles:
Account Management
Configuration Management
Vulnerability Management
Identity Credentials and Authorization Management
Contingency Plans/Planning
Audit and Accountability
Incident Response
Media Protection
Cloud Computing Environments
POAM Creation and Management
Additional Qualifications
Active Public Trust clearance or ability to obtain one.
Ability to travel up to 25% for site assessments, meetings, and other required duties.
System One, and its subsidiaries including Joul, ALTA IT Services, TeamPeople, and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.