Job Requirements
Remote
Public Trust Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Role: Security Control Accessor
Clearance: Must have at least a Public Trust - Secret level clearance preferred.
Work Location: Washington DC (Remote)
Position Overview
The Security Control Assessor (SCA) plays a pivotal role in comprehensively understanding the cybersecurity posture of a given capability within CDAO. SCAs must go beyond a mere compliance focus on controls to articulate the inherent risks of systems. Success in this position requires expertise in statutory guidance such as the NIST 800 series, DoDI 8500.01, DoD 8140.03, ISO 27001, COBIT, DoD RMF, and Operation Vulcan Logic (OVL), along with current cybersecurity best practices
The SCA provides authoritative risk determinations and recommendations critical for the Authorizing Official (AO) to grant an Authority to Operate (ATO). Their assessments integrate technical rigor with regulatory compliance, ensuring a robust security posture and informing strategic decision-making.
Work Location
Full time remote. Candidates in the Washington DC Metropolitan preferred. Travel requirements will vary with location, however, expect approximately 10% to 25%.
Job Responsibilities
Provide the AO with an independent risk assessment of assigned systems and an authorization.
Advise Program Managers on AO determination utilizing OVL documentation.
Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities.
Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program.
Providing support regarding the agile authorization and OVL processes.
Provide independent risk analysis and recommendation.
Collaborate between the AO and the program as well as Program leadership.
Identify the security baseline based on the mission and security impacts to the system.
Determine assessment criteria, develop, review, and create a plan to assess the security requirements.
Assess the security requirements in accordance with the assessment procedures defined in the Security Assessment Plan (SAP).
Prepare the Security Assessment Report (SAR).
Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate.
Develop the Risk Recommendation and AO Determination Brief.
Develop a system-level continuous monitoring strategy.
Author and present briefs regarding status of authorizations to AO and other senior Government officials.
Provides security architecture and DoD compliance advisory support.
Success Factors
Have a strong background in risk management, and governance, risk and compliance (GRC).
Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships.
Manage multiple priorities in a high-paced and fast-changing environment.
Perform other duties as assigned or required.
Education and Minimum Qualifications
Must have at least a Public Trust - Secret level clearance preferred.
Bachelor's degree in computer science/information technology, or other related degree fields (master's degree is preferred or at least 5 years of related experience)
At least 5+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus.
At least one IAT/IAM or equivalent security certifications ex. Sec+, CISSP, CCSP, CISM, CISA, or CASP
Experience working with OSD leadership or Military component or branch.
Understanding of NIST 800 series guidelines, DoDI 8500.01, DoD 8140.03, rISO 27001, COBIT, DoD RMF, OVL, and current cybersecurity best practices.
Excellent communication/presentation skills briefing senior military and government civilian leadership.
Experienced with writing standard operating procedures.
Experience in hands on with eMASS, Xacta and/or other GRC tools.
Experience with Federal and FedRamp A&A Processes.
Clearance: Must have at least a Public Trust - Secret level clearance preferred.
Work Location: Washington DC (Remote)
Position Overview
The Security Control Assessor (SCA) plays a pivotal role in comprehensively understanding the cybersecurity posture of a given capability within CDAO. SCAs must go beyond a mere compliance focus on controls to articulate the inherent risks of systems. Success in this position requires expertise in statutory guidance such as the NIST 800 series, DoDI 8500.01, DoD 8140.03, ISO 27001, COBIT, DoD RMF, and Operation Vulcan Logic (OVL), along with current cybersecurity best practices
The SCA provides authoritative risk determinations and recommendations critical for the Authorizing Official (AO) to grant an Authority to Operate (ATO). Their assessments integrate technical rigor with regulatory compliance, ensuring a robust security posture and informing strategic decision-making.
Work Location
Full time remote. Candidates in the Washington DC Metropolitan preferred. Travel requirements will vary with location, however, expect approximately 10% to 25%.
Job Responsibilities
Provide the AO with an independent risk assessment of assigned systems and an authorization.
Advise Program Managers on AO determination utilizing OVL documentation.
Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities.
Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program.
Providing support regarding the agile authorization and OVL processes.
Provide independent risk analysis and recommendation.
Collaborate between the AO and the program as well as Program leadership.
Identify the security baseline based on the mission and security impacts to the system.
Determine assessment criteria, develop, review, and create a plan to assess the security requirements.
Assess the security requirements in accordance with the assessment procedures defined in the Security Assessment Plan (SAP).
Prepare the Security Assessment Report (SAR).
Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate.
Develop the Risk Recommendation and AO Determination Brief.
Develop a system-level continuous monitoring strategy.
Author and present briefs regarding status of authorizations to AO and other senior Government officials.
Provides security architecture and DoD compliance advisory support.
Success Factors
Have a strong background in risk management, and governance, risk and compliance (GRC).
Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships.
Manage multiple priorities in a high-paced and fast-changing environment.
Perform other duties as assigned or required.
Education and Minimum Qualifications
Must have at least a Public Trust - Secret level clearance preferred.
Bachelor's degree in computer science/information technology, or other related degree fields (master's degree is preferred or at least 5 years of related experience)
At least 5+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus.
At least one IAT/IAM or equivalent security certifications ex. Sec+, CISSP, CCSP, CISM, CISA, or CASP
Experience working with OSD leadership or Military component or branch.
Understanding of NIST 800 series guidelines, DoDI 8500.01, DoD 8140.03, rISO 27001, COBIT, DoD RMF, OVL, and current cybersecurity best practices.
Excellent communication/presentation skills briefing senior military and government civilian leadership.
Experienced with writing standard operating procedures.
Experience in hands on with eMASS, Xacta and/or other GRC tools.
Experience with Federal and FedRamp A&A Processes.
group id: 10290999
