
Avint
Remote Jobs
Your Vision Achieved
34 Jobs
Role Description Avint is seeking a highly motivated Journeyman Security Controls Assessor (SCA) in support of a critical federal contract. The Journeyman SCA is a mid-level professional responsible for executing standard security control assessments, evaluations, and compliance verifications across organizational information systems. Operating as a core member of the cybersecurity assurance team, this role focuses on testing technical, operational, and management controls to ensure alignment with regulatory requirements and security policies. The mid-level SCA works under the general supervision of and receives technical guidance from senior SCAs, contributing directly to the organization’s Risk Management Framework (RMF) and Security Assessment and Authorization (A&A) lifecycles. Qualifications - Bachelor’s degree (BS/BA) OR equivalent professional experience - Security+ or higher - Minimum of 6-8 years of dedicated experience in cybersecurity, information assurance, or IT auditing - At least six (6) years of dedicated experience performing hands-on security controls assessments of systems of moderate complexity (C2 & C3) with capability of supporting C4 assessments Requirements - Must be a U.S. citizen (no dual citizenship) - Ability to pass a background investigation - Able to obtain and maintain DHS Suitability/Entry on Duty (EOD) Soft Skills - Strong attention to detail and organized documentation habits - Good analytical and troubleshooting abilities - Professional verbal and written communication skills, with an ability to collaborate effectively across technical boundaries Position Responsibilities - Security Assessment and Validation: - Conduct security control assessments of information systems using interview, examination, and testing methods - Verify compliance with established frameworks such as NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational requirements - Analyze system architectures, network diagrams, configuration settings, and policies to identify vulnerabilities and compliance gaps - Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing reports to validate the implementation of technical controls - Reporting and Risk Management: - Document detailed testing results and draft sections of the Security Assessment Report (SAR), ensuring clear explanations of non-compliant findings - Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms - Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies - Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy - Continuous Improvement and Strategy: - Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques - Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle - Participate in the development and refinement of enterprise information security policies, standards, and guidelines - Technical Areas of Expertise: - Solid working knowledge of security control frameworks (specifically NIST SP 800-53, NIST SP 800-37, and NIST SP 800-171) - Familiarity with cloud security concepts (AWS, Azure, Google Cloud) and cloud compliance frameworks (FedRAMP) - Knowledge of operating system security, network protocols, access control mechanisms, and vulnerability management tools Benefits - Competitive salaries - Full health insurance - Generous time off - Observation of federal holidays - Reimbursement for courses, exams, and tuition for professional development Salary Range $104,000-$119,000
• executing the full RMF lifecycle across all information systems and applications • leading security assessment activities with the goal of maintaining a 100% Authority to Operate (ATO) status • ensuring the rigorous application of cybersecurity policies • managing system remediation efforts • designing critical contingency plans • championing cybersecurity awareness across the organization
• Avint is seeking a highly motivated Senior Security Controls Assessor (SCA) in support of a critical federal contract. • The Senior SCA is a subject matter expert responsible for executing comprehensive, independent assessments of the organization’s most complex information systems, applications, and cloud infrastructures. • Operating as a senior-level individual contributor, this role focuses on verifying the implementation, correctness, and effectiveness of technical, operational, and management security controls. • The Senior SCA handles the most complex, critical, or sensitive system assessments, serving as a technical mentor to junior assessors and a primary technical advisor to system owners during the Risk Management Framework (RMF) lifecycle.
• Conduct security control assessments of information systems using interview, examination, and testing methods • Verify compliance with established frameworks such as NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational requirements • Analyze system architectures, network diagrams, configuration settings, and policies to identify vulnerabilities and compliance gaps • Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing reports to validate the implementation of technical controls • Document detailed testing results and draft sections of the Security Assessment Report (SAR), ensuring clear explanations of non-compliant findings • Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms • Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies • Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy • Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques • Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle • Participate in the development and refinement of enterprise information security policies, standards, and guidelines
• We are seeking a highly skilled and experienced Information Systems Security Officer (ISSO) Subject Matter Expert (SME) to join our team. • In this critical role, you will be ultimately responsible for the day-to-day cyber operations of assigned systems, ensuring strict adherence to the Risk Management Framework (RMF) and industry standards. • As a trusted advisor, you will collaborate closely with executive leadership—including the Authorizing Official (AO), System Owners, and the Chief Information Security Officer (CISO)—to mitigate risk and defend vital digital infrastructure.
Role Description We are seeking a highly skilled and experienced Information Systems Security Officer (ISSO) - Senior to join our team. In this critical role, you will be responsible for executing the full RMF lifecycle across all information systems and applications, leading security assessment activities with the goal of maintaining a 100% Authority to Operate (ATO) status. As a senior leader, you will ensure the rigorous application of cybersecurity policies, manage system remediation efforts, design critical contingency plans, and champion cybersecurity awareness across the organization. Qualifications - Bachelor’s Degree (BA/BS) OR equivalent verifiable work experience - Six (6) years of progressive experience in information assurance, cybersecurity engineering, or ISSO/ISSM roles. Requirements - Must be a U.S. citizen (no dual citizenship). - Ability to pass a background investigation. - Able to obtain and maintain DHS Suitability/Entry on Duty (EOD). - High level of attention to detail and strong organizational skills. - Strong leadership and project management capabilities to drive remediation actions and manage inspection timelines. - Excellent communication and presentation skills, with a proven ability to draft technical status reports and confidently brief clients and senior stakeholders. Position Responsibilities - Security Program Oversight & Leadership - Policy Application: Ensure the rigorous application of cybersecurity policies, principles, and practices in the delivery of all IT cybersecurity services. - Operational Posture: Develop and implement programs as required to ensure that systems, networks, and data users are aware of, understand, and adhere to systems cybersecurity policies and procedures. - Resilience Planning: Develop system security contingency plans and disaster recovery plans to ensure organizational resilience. - Strategic Advisory & Risk Management - Executive & Client Consultation: Help conduct the appropriate remediation actions associated with findings from inspections and evaluations, generate status reports, and brief clients on the security health of information systems or programs. - Risk Management Framework (RMF) Expertise: Provide subject matter expertise and knowledge of RMF to perform Risk Management Framework activities for all information systems and applications. - Operations & Controls: Follow RMF to identify, implement, assess, and manage cybersecurity capabilities and services, expressed as security controls, and authorizing the operation of an information system. - Assessments, Audits, & Compliance - Authorization Support: Lead the security assessment and authorization activities for information systems, maintaining 100% ATO status. - Audit Readiness: Lead cybersecurity-related audits, inspections, assessments, operations, and orders processing. - Standards Alignment: Ensure information systems comply with client requirements and industry standards. - Technical Areas of Expertise - Deep subject matter expertise and advanced knowledge of RMF and NIST security controls. - Proven track record of leading systems successfully through the assessment and authorization process to secure and maintain a 100% ATO status. - Demonstrated experience authoring enterprise-level documentation, including Contingency Plans and Disaster Recovery Plans. - Experience coordinating and leading responses to formal cybersecurity audits, technical inspections, and orders processing. Benefits - Competitive salaries - Full health insurance - Generous time off - Observation of federal holidays - Reimbursement for courses, exams, and tuition Salary Range: $110,000-$125,000
Role Description Avint is seeking a highly motivated Senior Security Controls Assessor (SCA) in support of a critical federal contract. The Senior SCA is a subject matter expert responsible for executing comprehensive, independent assessments of the organization’s most complex information systems, applications, and cloud infrastructures. Operating as a senior-level individual contributor, this role focuses on verifying the implementation, correctness, and effectiveness of technical, operational, and management security controls. The Senior SCA handles the most complex, critical, or sensitive system assessments, serving as a technical mentor to junior assessors and a primary technical advisor to system owners during the Risk Management Framework (RMF) lifecycle. Qualifications - Bachelor’s degree (BS/BA) OR equivalent professional experience. - Security+; higher certifications such as CISSP, CAP, or CASP desired. - Minimum of 8-10 years of dedicated experience in cybersecurity, information assurance, or IT auditing. - At least six (6) years of dedicated experience performing hands-on security controls assessments of the most complex (C4) systems. Requirements - Must be a U.S. citizen (no dual citizenship). - Ability to pass a background investigation. - Able to obtain and maintain DHS Suitability/Entry on Duty (EOD). Soft Skills - Strong analytical, critical thinking, and problem-solving skills with a high level of technical professional skepticism. - Excellent technical writing skills, with the ability to clearly document complex technical findings and defend assessment results to stakeholders. - Exceptional interpersonal and diplomatic skills, allowing for productive collaboration with system administrators, developers, and management. Position Responsibilities - Security Assessment and Validation - Lead comprehensive security control assessments of complex information systems using interview, examination, and testing methods. - Verify compliance with established frameworks such as NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational requirements. - Analyze system architectures, network diagrams, configuration settings, and policies to identify vulnerabilities and compliance gaps. - Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing reports to validate the implementation of technical controls. - Technical Mentorship and Quality Assurance - Act as a senior technical escalation point and mentor for mid- and junior-level Security Controls Assessors on the team. - Perform peer reviews of assessment documentation, test results, and reports generated by other team members to ensure technical accuracy and consistency. - Support the SCA Team Lead in defining, refining, and standardizing assessment methodologies, testing procedures, and reporting templates. - Reporting and Risk Management - Author, review, and finalize high-quality Security Assessment Reports (SAR) detailing assessment findings, risks, and recommended remediations. - Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms. - Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies. - Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy. - Continuous Improvement and Strategy - Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques. - Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle. - Participate in the development and refinement of enterprise information security policies, standards, and guidelines. - Technical Areas of Expertise - Advanced knowledge of security control frameworks (specifically NIST SP 800-53, NIST SP 800-37, and NIST SP 800-171). - Familiarity with cloud security concepts (AWS, Azure, Google Cloud) and cloud compliance frameworks (FedRAMP). - Knowledge of operating system security, network protocols, access control mechanisms, and vulnerability management tools. Benefits - Competitive salaries. - Full health insurance. - Generous time off and observation of federal holidays. - Reimbursement for courses, exams, and tuition for professional development. Salary Range $125,000-$141,000
Role Description We are seeking a highly skilled and experienced Information Systems Security Officer (ISSO) Subject Matter Expert (SME) to join our team. In this critical role, you will be ultimately responsible for the day-to-day cyber operations of assigned systems, ensuring strict adherence to the Risk Management Framework (RMF) and industry standards. As a trusted advisor, you will collaborate closely with executive leadership—including the Authorizing Official (AO), System Owners, and the Chief Information Security Officer (CISO)—to mitigate risk and defend vital digital infrastructure. Qualifications - Bachelor’s Degree (BA/BS) OR equivalent verifiable work experience. - Security+ or higher; higher certifications such as CISSP, CAP, or CASP desired. - Eight (8) years of progressive experience in information assurance, cybersecurity engineering, or ISSO/ISSM roles. Requirements - Must be a U.S. citizen (no dual citizenship). - Ability to pass a background investigation. - Able to obtain and maintain DHS Suitability/Entry on Duty (EOD). - High level of attention to detail and strong organizational skills. - Exceptional communication and diplomacy skills, with the ability to translate complex technical risks into actionable business advice for executive stakeholders (AO, CISO). - Strong analytical thinking and meticulous attention to detail regarding security documentation and boundaries. Position Responsibilities - Security Program Oversight & Leadership - Program Ownership: Oversee the comprehensive Information Assurance (IA) program for assigned information systems. - Operational Posture: Ensure the continuous implementation and maintenance of an appropriate operational security posture, including network/system security, physical/environmental protection, personnel security, incident handling, and security training/awareness. - Day-to-Day Operations: Act as the primary authority ultimately responsible for daily cybersecurity operations across assigned systems. - Strategic Advisory & Risk Management - Executive Consultation: Advise the Authorizing Official (AO), Information System Owners, and the CISO on risks, vulnerabilities, and the overall security health of information systems or programs. - RMF Expertise: Provide deep Risk Management Framework (RMF) expertise and direct support for Cybersecurity Inspections, Operations, and Orders Processing. - Compliance & Documentation: Ensure all system security documentation remains current and that authorization boundaries are accurately defined and maintained for all systems. - Assessments, Audits, & Compliance - Authorization Support: Actively support and facilitate security assessment and authorization (A&A) activities to maintain Authority to Operate (ATO) status. - Audit Readiness: Lead and assist in cybersecurity-related audits, inspections, regulatory compliance reviews, and technical assessments. - Standards Alignment: Ensure all information systems strictly comply with client-specific mandates, federal regulations, and industry best practices. - Technical Areas of Expertise - Advanced mastery of the Risk Management Framework (RMF) and associated security controls (e.g., NIST SP 800-53). - Proven experience guiding systems through the full Assessment & Authorization (A&A) lifecycle. - Strong understanding of network security architecture, incident response protocols, and physical security standards. - Working knowledge of automated cybersecurity and vulnerability scanning tools deployed in enterprise environments (e.g., ACAS, Nessus, Splunk, HBSS, or similar). Benefits - Competitive salaries - Full health insurance - Generous time off - Observation of federal holidays - Reimbursement for courses, exams, and tuition Salary Range $130,000-$150,000
• Support cybersecurity compliance and risk management efforts within the HACS program. • Help maintain system authorization. • Develop security documentation. • Ensure systems meet federal cybersecurity standards.
• Support and protect critical federal systems within the HACS program at FRTIB HQ. • Lead Risk Management Framework (RMF) and Authority to Operate (ATO) efforts across mission-critical systems. • Work at the intersection of cybersecurity, compliance, and mission operations, ensuring systems are secure, authorized, and aligned with federal requirements
24more opportunities are still waiting for you.Log in now and take your next shot before someone else does.