Security Controls Assessor

Job Summary

A company is looking for a Security Controls Assessor to support a high-visibility federal program focused on cybersecurity and privacy.

Key Responsibilities

• Perform security and privacy control assessments for various systems using NIST frameworks
• Establish and maintain continuous monitoring strategies to assess cybersecurity and privacy risks
• Support the integration of security and privacy controls into the System Development Life Cycle (SDLC) and enterprise architecture

Required Qualifications

• Degree in a cyber-related field or equivalent relevant experience
• Experience conducting security and privacy control assessments for federal information systems
• Deep understanding of NIST RMF processes and hands-on application across assessment lifecycles
• Proven ability to develop and manage Plan of Action and Milestones (POA&Ms)
• Experience with continuous monitoring programs and risk scoring methodologies