Security Controls Assessor (SCA) - Journeyman
A
AvintCybersecurity
United StatesFull-TimeMiddle
Salary104,000 - 119,000 USD per year
Apply NowOpens the employer's application page
Job Details
- Experience
- Minimum of 6-8 years
- Required Skills
- Cybersecurity
Requirements
- Bachelor’s degree (BS/BA) or equivalent professional experience.
- Security+ certification or higher.
- Minimum of 6-8 years of dedicated experience in cybersecurity, information assurance, or IT auditing.
- At least 6 years of dedicated experience performing hands-on security controls assessments of systems of moderate complexity (C2 & C3) with capability of supporting C4 assessments.
- Working knowledge of security control frameworks (NIST SP 800-53, 800-37, 800-171).
- Familiarity with cloud security concepts (AWS, Azure, Google Cloud) and FedRAMP.
- Knowledge of operating system security, network protocols, and access control mechanisms.
- Experience with vulnerability management tools.
- Strong attention to detail and organized documentation habits.
- Professional verbal and written communication skills for cross-functional collaboration.
Responsibilities
- Conduct security control assessments using interview, examination, and testing methods.
- Verify compliance with NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FISMA, and FedRAMP frameworks.
- Analyze system architectures, network diagrams, and configuration settings to identify vulnerabilities.
- Review vulnerability scanning results from tools like Nessus or Qualys.
- Document testing results and draft sections of the Security Assessment Report (SAR).
- Present findings and risk postures to Authorizing Officials and system owners.
- Assist system owners in developing Plans of Action and Milestones (POA&M) to remediate deficiencies.
- Collaborate with the Risk Management team to inform continuous monitoring strategies.
View Full Description & ApplyYou'll be redirected to the employer's site