Jobs via Dice

Security Control Assessor

Jobs via Dice, Washington, District of Columbia, US, 20022


Security Control Assessor

Location: Washington, DC (5 days a week on-site)

Employment type: Contract

Our client, a prominent federal agency, seeks an experienced Security Control Assessor to protect critical government systems.

Duties and Responsibilities

Perform security control assessments using the NIST Risk Management Framework (RMF) for federal systems.

Leverage the Joint Cybersecurity Authorization Management (JCAM) system to conduct assessments, manage security controls, and provide recommendations.

Collaborate with Information System Security Officers (ISSOs) and other teams to obtain required information and support system security assessments.

Develop and maintain Plans of Action and Milestones (POAMs) and provide recommendations for mitigating security risks.

Review and assess system security documentation, including System Security Plans (SSPs), security assessments, and continuous monitoring activities.

Conduct vulnerability management activities, including assessing remediation efforts and verifying controls.

Provide recommendations on account management, configuration management, incident response, cloud computing environments, and contingency planning.

Maintain and update knowledge of federal security requirements and industry standards.

Work independently and manage tasks effectively while maintaining flexibility to adapt to changes in tasking.

Required Experience and Skills

Bachelor's degree with 8+ years of relevant experience (or equivalent).

Minimum of 3 to 5 years performing security control assessments using RMF.

In-depth knowledge of NIST publications: SP 800‑53A Rev. 5, SP 800‑53 Rev. 5, SP 800‑37 Rev. 2, SP 800‑137, SP 800‑18 Rev. 1, FIPS 200, and FIPS 199.

Experience with JCAM system (formerly CSAM) for assessment and management of security controls.

Strong knowledge in account management, configuration management, vulnerability management, identity credentials and authorization management, contingency planning, audit and accountability, incident response, media protection, and cloud computing environments.

Experience with POAM creation and management.

Active Public Trust clearance or ability to obtain one.

Strong analytical and independent work skills.

Excellent collaboration and communication skills.

Adaptable and flexible to changes in priorities or tasking.

Ability to travel up to 25% for site assessments, meetings, and other duties.

Nice‑to‑Haves

Experience with federal law enforcement agency organizations.

Relevant cybersecurity certifications (CISSP, Security+, CAP, CISA, CISM).

Previous experience working in the D.C. area with federal agencies.

Familiarity with eMASS or similar authorization management systems.

Education

Bachelor's degree required (or equivalent experience).

Pay & Benefits

Up to $89/hr W2. (Details available upon request.)

Ready to make an impact on federal cybersecurity?

Apply today to join a team dedicated to protecting critical government systems and information!

Keywords: Security Control Assessor, NIST RMF, 800-53, Cybersecurity, Public Trust Clearance, JCAM, Federal Security, POAM, Risk Management Framework, Security Assessment, Washington DC, Information Security, Government Contractor, System Security
