Security Controls Assessor

UltraViolet Cyber

$110K — $125K *
Education, Government & Non-Profit
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship required.
  • Bachelor's degree in cybersecurity, computer science, information systems, or related field (or 6 years of experience equivalency).
  • 7+ years of hands-on experience in cybersecurity, audit, or compliance, focusing on RMF and NIST 800-series.
  • Deep understanding of NIST SP 800-53, NIST SP 800-53A, and FISMA regulatory guidelines.
  • Industry certifications like CISSP, CISA, or CAP are required.
  • Federal background investigation required; prior DHS suitability preferred.

Responsibilities

  • Plan and execute comprehensive security control assessments as per RMF and FISMA frameworks.
  • Review system configurations and perform technical testing to validate security posture.
  • Compile assessment results into Security Assessment Reports and generate risk determinations.
  • Identify control weaknesses and support the development of Plans of Action and Milestones.
  • Guide junior assessors and coordinate assessment activities with stakeholders.

Benefits

  • 401(k) with employer match of 100% on the first 3% and 50% on the next 2%.
  • Medical, Dental, and Vision Insurance effective on the 1st day of the following month after starting.
  • Group Term Life, Short-Term Disability, and Long-Term Disability coverage.
  • Voluntary Life, Hospital Indemnity, Accident, and Critical Illness options available.
  • Participation in the Discretionary Time Off (DTO) Program.
  • 11 Paid Holidays annually.
Full Job Description
UltraViolet Cyber is seeking to hire a Senior Security Control Assessor (SCA) to act as an independent evaluator to ensure the effectiveness of management, operational, and technical security controls. The candidate will lead cybersecurity compliance assessments, identify control gaps and vulnerabilities, and recommend risk-mitigation strategies to support enterprise system authorization.

What You'll Do:

  • Assessment Execution: Plan and execute comprehensive security control assessments in accordance with frameworks like the Risk Management Framework (RMF) and FISMA.
  • Testing & Evaluation: Review system configurations, evaluate evidence, and perform technical testing (e.g., vulnerability scanning) to validate security posture.
  • Documentation & Reporting: Compile assessment results into Security Assessment Reports (SARs) and generate risk determinations for Authorizing Officials (AOs).
  • Remediation & Tracking: Identify control weaknesses and support the development of Plans of Action and Milestones (POA&Ms).
  • Team Leadership: Guide junior assessors, review deliverables, and coordinate assessment activities with ISSOs, system owners, and stakeholders.


What You've Done:

  • US Citizenship is required for this role.
  • Education: Bachelor's degree in cybersecurity, computer science, information systems, or a related field. (Or 6 years of experience equivalency)
  • Experience: 7+ years of hands-on experience in cybersecurity, audit, or compliance, with specialized focus on RMF and NIST 800-series publications.
  • Regulatory Expertise: Deep understanding of statutory guidance such as NIST SP 800-53, NIST SP 800-53A, and FISMA.
  • Certifications: Industry-recognized credentials such as the Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Authorization Professional (CAP).
  • Background Investigation: This role requires a Federal background investigation. A current or prior DHS suitability is highly preferred.


What We Offer:

  • 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
  • Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
  • Group Term Life, Short-Term Disability, Long-Term Disability
  • Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
  • Participation in the Discretionary Time Off (DTO) Program
  • 11 Paid Holidays Annually


$110,000 - $125,000 a year

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.

Similar Jobs

More Jobs at UltraViolet Cyber

More Education, Government & Non-Profit Jobs

Find similar Security Controls Assessor jobs: