Your Vision Achieved
Senior Security Controls Assessor
Location
United States
Posted
1 day ago
Salary
$125K - $141K / year
Seniority
Senior
Job Description
Senior Security Controls Assessor
Avint
• Avint is seeking a highly motivated Senior Security Controls Assessor (SCA) in support of a critical federal contract. • The Senior SCA is a subject matter expert responsible for executing comprehensive, independent assessments of the organization’s most complex information systems, applications, and cloud infrastructures. • Operating as a senior-level individual contributor, this role focuses on verifying the implementation, correctness, and effectiveness of technical, operational, and management security controls. • The Senior SCA handles the most complex, critical, or sensitive system assessments, serving as a technical mentor to junior assessors and a primary technical advisor to system owners during the Risk Management Framework (RMF) lifecycle.
Job Requirements
- Education:
- Bachelor’s degree (BS/BA) OR equivalent professional experience.
- Security+; higher certifications such as CISSP, CAP, or CASP desired.
- Experience:
- Minimum of 8-10 years of dedicated experience in cybersecurity, information assurance, or IT auditing.
- At least six (6) years of dedicated experience performing hands-on security controls assessments of the most complex (C4) systems.
- Clearance Requirements:
- Must be a U.S. citizen (no dual citizenship).
- Ability to pass a background investigation.
- Able to obtain and maintain DHS Suitability/Entry on Duty (EOD).
- Soft Skills:
- Strong analytical, critical thinking, and problem-solving skills with a high level of technical professional skepticism.
- Excellent technical writing skills, with the ability to clearly document complex technical findings and defend assessment results to stakeholders.
- Exceptional interpersonal and diplomatic skills, allowing for productive collaboration with system administrators, developers, and management.
Benefits
- Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits, from competitive salaries, full health insurance, generous time off, and observation of federal holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Conduct security control assessments of information systems using interview, examination, and testing methods • Verify compliance with established frameworks such as NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational requirements • Analyze system architectures, network diagrams, configuration settings, and policies to identify vulnerabilities and compliance gaps • Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing reports to validate the implementation of technical controls • Document detailed testing results and draft sections of the Security Assessment Report (SAR), ensuring clear explanations of non-compliant findings • Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms • Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies • Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy • Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques • Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle • Participate in the development and refinement of enterprise information security policies, standards, and guidelines
• We are seeking a highly skilled and experienced Information Systems Security Officer (ISSO) Subject Matter Expert (SME) to join our team. • In this critical role, you will be ultimately responsible for the day-to-day cyber operations of assigned systems, ensuring strict adherence to the Risk Management Framework (RMF) and industry standards. • As a trusted advisor, you will collaborate closely with executive leadership—including the Authorizing Official (AO), System Owners, and the Chief Information Security Officer (CISO)—to mitigate risk and defend vital digital infrastructure.
Cybersecurity Engineer
VivSoftSolving complex Public Sector Use cases using emerging technologies - SBIR Phase III Awardee
• Manage overall platform security to meet/exceed stakeholder cybersecurity expectations • Design and implement security architectures, controls, and technologies for government systems • Lead vulnerability assessment, penetration testing support, and security engineering reviews • Develop and maintain security documentation (SSPs, POA&Ms, etc.) for ATO packages • Support Risk Management Framework (RMF) implementation and continuous monitoring programs • Implement Zero Trust, identity management, and endpoint security solutions • Respond to security incidents, conduct forensic analysis, and coordinate remediation • Provide security guidance to development and infrastructure teams
• executing the design, building, testing, and implementation of security systems across our environment • working closely with other members of the Information Security team to identify potential threats and vulnerabilities and develop strategies and solutions to mitigate these risks • securing the end-user device estate and the mobile platforms through which the enterprise increasingly operates • contributing to our overall information security strategy • define and evaluate security architecture for the end-user device estate • advise on mobility security • perform Security Architecture Reviews • deliver Security Architecture Consulting engagements with business partners • provide Risk Evidence Review on request • plan, design, build, and implement enterprise security architecture • evaluate security technologies and controls across the environment • identify and communicate current and emerging security threats and risks • help develop solutions that balance information security needs with the needs of the business • be fluent with AI concepts and incorporate AI into your daily workflows • create reusable security-architecture artifacts • support training and mentorship of more junior employees


