ALTA IT Services, LLC
Security Control Assessor
Location:
Washington, DC (Onsite only – 5 days a week on-site).
Employment type:
Contract (W2 only).
Salary:
$80-$85/hr.
Start Date:
1/26/2026.
No telework allowed.
Citizenship & Eligibility:
Per Federal Contract U.S. Citizenship Required. Must pass federal background check for DOJ Public Trust Clearance. Candidates with Active DOJ Clearance are encouraged to apply.
This role will involve performing security control assessments, utilizing the NIST Risk Management Framework (RMF), and supporting the overall cybersecurity efforts to safeguard DOJ systems and information. The ideal candidate will have a strong background in security control assessments, specifically utilizing the NIST RMF and related publications.
This is an on‑site position based in the D.C. area with occasional travel.
Responsibilities
Perform security control assessments using the NIST Risk Management Framework (RMF) for DOJ ATR systems.
Leverage the Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM) to conduct assessments, manage security controls, and provide recommendations.
Collaborate with Information System Security Officers (ISSOs) and other teams to obtain required information and support system security assessments.
Develop and maintain Plans of Actions and Milestones (POAMs) and provide recommendations for mitigating security risks.
Review and assess system security documentation, including System Security Plans (SSPs), security assessments, and continuous monitoring activities.
Conduct vulnerability management activities, including assessing remediation efforts and verifying controls.
Provide recommendations on account management, configuration management, incident response, cloud computing environments, and contingency planning.
Maintain and update knowledge of federal security requirements and industry standards.
Work independently and manage tasks effectively while maintaining flexibility to adapt to changes in tasking.
Personal Skills
Analytical: Ability to assess complex security issues and propose solutions.
Independent: Able to work autonomously with little to no supervision.
Team‑Oriented: Collaborates effectively with ISSOs and other stakeholders.
Flexible: Adaptable to changes in priorities or tasking.
Inquisitive: Strong ability to ask the right questions to gather information and clarify requirements.
Outgoing: Comfortable interacting with multiple teams to gather necessary information and support security efforts.
Job Requirements Education & Experience:
Bachelor's degree with 8+ years of relevant experience. Additional experience may be considered in lieu of a degree.
Minimum of 3 to 5 years performing security control assessments using the NIST Risk Management Framework (RMF).
Experience with or Federal Law Enforcement Agency organizations is preferred but not required.
Knowledge of NIST RMF and related publications
SP 800‑53A Rev. 5: Assessing Security and Privacy Controls in Information Systems and Organizations
SP 800‑53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations
SP 800‑37 Rev. 2: Risk Management Framework for Information Systems and Organizations
SP 800‑137: Information Security Continuous Monitoring (ISCM)
SP 800‑18 Rev. 1: Guide for Developing Security Plans for Federal Information Systems
FIPS 200: Minimum Security Requirements for Federal Information and Information Systems
FIPS 199: Standards for Security Categorization of Federal Information and Information Systems
Experience with Joint Cybersecurity Authorization Management (JCAM) system Use of JCAM for assessment and management of security controls for Federal LEA systems.
In-depth Knowledge in the following principles
Account Management
Configuration Management
Vulnerability Management
Identity Credentials and Authorization Management
Contingency Plans/Planning
Audit and Accountability
Incident Response
Media Protection
Cloud Computing Environments
POAM Creation and Management
Additional Qualifications
Active Public Trust clearance or ability to obtain one.
Ability to travel up to 25% for site assessments, meetings, and other required duties.
#J-18808-Ljbffr
Washington, DC (Onsite only – 5 days a week on-site).
Employment type:
Contract (W2 only).
Salary:
$80-$85/hr.
Start Date:
1/26/2026.
No telework allowed.
Citizenship & Eligibility:
Per Federal Contract U.S. Citizenship Required. Must pass federal background check for DOJ Public Trust Clearance. Candidates with Active DOJ Clearance are encouraged to apply.
This role will involve performing security control assessments, utilizing the NIST Risk Management Framework (RMF), and supporting the overall cybersecurity efforts to safeguard DOJ systems and information. The ideal candidate will have a strong background in security control assessments, specifically utilizing the NIST RMF and related publications.
This is an on‑site position based in the D.C. area with occasional travel.
Responsibilities
Perform security control assessments using the NIST Risk Management Framework (RMF) for DOJ ATR systems.
Leverage the Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM) to conduct assessments, manage security controls, and provide recommendations.
Collaborate with Information System Security Officers (ISSOs) and other teams to obtain required information and support system security assessments.
Develop and maintain Plans of Actions and Milestones (POAMs) and provide recommendations for mitigating security risks.
Review and assess system security documentation, including System Security Plans (SSPs), security assessments, and continuous monitoring activities.
Conduct vulnerability management activities, including assessing remediation efforts and verifying controls.
Provide recommendations on account management, configuration management, incident response, cloud computing environments, and contingency planning.
Maintain and update knowledge of federal security requirements and industry standards.
Work independently and manage tasks effectively while maintaining flexibility to adapt to changes in tasking.
Personal Skills
Analytical: Ability to assess complex security issues and propose solutions.
Independent: Able to work autonomously with little to no supervision.
Team‑Oriented: Collaborates effectively with ISSOs and other stakeholders.
Flexible: Adaptable to changes in priorities or tasking.
Inquisitive: Strong ability to ask the right questions to gather information and clarify requirements.
Outgoing: Comfortable interacting with multiple teams to gather necessary information and support security efforts.
Job Requirements Education & Experience:
Bachelor's degree with 8+ years of relevant experience. Additional experience may be considered in lieu of a degree.
Minimum of 3 to 5 years performing security control assessments using the NIST Risk Management Framework (RMF).
Experience with or Federal Law Enforcement Agency organizations is preferred but not required.
Knowledge of NIST RMF and related publications
SP 800‑53A Rev. 5: Assessing Security and Privacy Controls in Information Systems and Organizations
SP 800‑53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations
SP 800‑37 Rev. 2: Risk Management Framework for Information Systems and Organizations
SP 800‑137: Information Security Continuous Monitoring (ISCM)
SP 800‑18 Rev. 1: Guide for Developing Security Plans for Federal Information Systems
FIPS 200: Minimum Security Requirements for Federal Information and Information Systems
FIPS 199: Standards for Security Categorization of Federal Information and Information Systems
Experience with Joint Cybersecurity Authorization Management (JCAM) system Use of JCAM for assessment and management of security controls for Federal LEA systems.
In-depth Knowledge in the following principles
Account Management
Configuration Management
Vulnerability Management
Identity Credentials and Authorization Management
Contingency Plans/Planning
Audit and Accountability
Incident Response
Media Protection
Cloud Computing Environments
POAM Creation and Management
Additional Qualifications
Active Public Trust clearance or ability to obtain one.
Ability to travel up to 25% for site assessments, meetings, and other required duties.
#J-18808-Ljbffr