Senior Security Controls Assessor

Annapolis Junction, MD · Information Technology

Senior Security Control Assessor

Location: Annapolis Junction, MD

Overview

Our client is seeking a highly skilled Senior Security Control Assessor (SCA) to support verification and validation of security compliance for information systems, products, and components. This role requires strong expertise in security and systems engineering across multiple domains, along with the ability to perform comprehensive assessments and recommend effective mitigation strategies within a secure environment.

This position plays a critical role in supporting the certification and accreditation (C&A) of systems within a highly regulated environment. The ideal candidate will bring extensive experience in security engineering, vulnerability assessment, and compliance verification, along with certifications aligned with IAT III or IAM III requirements.


Key Responsibilities

  • Perform verification and validation of security compliance for low- and moderately complex information systems, products, and components

  • Review and analyze design specifications, system documentation, configuration practices, and operational procedures

  • Identify non-compliance with security requirements and recommend mitigation strategies

  • Conduct on-site evaluations to validate system security requirements

  • Verify that systems meet established security standards and controls

  • Perform vulnerability assessments and coordinate penetration testing activities

  • Develop and deliver comprehensive certification and validation reports

  • Collaborate with system owners and stakeholders to ensure adherence to security standards and best practices


Education & Experience

  • Minimum of 12 years of related experience in security engineering or system engineering

  • Bachelor’s degree in Computer Science, Information Technology, or related field may substitute for up to 4 years of experience

Experience in five or more of the following areas:

  • Telecommunications concepts

  • Operating systems

  • Databases / DBMS

  • Middleware

  • Applications

  • Web servers

  • SANs / NetApp technologies

  • Active Directory

  • Firewalls

  • Controlled interfaces

Required Certifications (IAT III or IAM III equivalent):

  • CISSP

  • CASP+ (SecurityX)

  • CISM


Required Skills

  • Strong understanding of system security engineering principles and practices

  • Experience with security compliance assessments and vulnerability analysis

  • Excellent analytical and problem-solving abilities

  • Ability to produce clear, detailed documentation and reporting

  • Familiarity with federal security regulations, standards, and frameworks


Benefits

  • 4 weeks PTO + all federal holidays

  • 10% retirement contribution (no employee match required)

  • Comprehensive health insurance


Nice to Have

  • AWS experience, particularly S3 and cloud environments

  • DevSecOps experience, including DAST and SAST testing

  • cATO experience


Equal Employment Opportunity

Our client is an Equal Opportunity Employer committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, or any other protected status under applicable federal, state, or local law.

We believe diverse perspectives strengthen innovation and are dedicated to creating an environment where all employees feel respected, valued, and empowered to succeed.

https://www.staffed4u.com/ 
