Avint

Security Controls Assessor (SCA) - Senior

Avint  •  $125k/yr  •  United States (Remote)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Avint is seeking a highly motivated Senior Security Controls Assessor (SCA) in support of a critical federal contract. The Senior SCA is a subject matter expert responsible for executing comprehensive, independent assessments of the organization’s most complex information systems, applications, and cloud infrastructures. Operating as a senior-level individual contributor, this role focuses on verifying the implementation, correctness, and effectiveness of technical, operational, and management security controls. The Senior SCA handles the most complex, critical, or sensitive system assessments, serving as a technical mentor to junior assessors and a primary technical advisor to system owners during the Risk Management Framework (RMF) lifecycle.

Requirements

Education:

· Bachelor’s degree (BS/BA) OR equivalent professional experience.

· Security+; higher certifications such as CISSP, CAP, or CASP desired.

Experience:

· Minimum of 8-10 years of dedicated experience in cybersecurity, information

assurance, or IT auditing.

· At least six (6) years of dedicated experience performing hands-on security controls

assessments of the most complex (C4) systems.

Clearance Requirements:

· Must be a U.S. citizen (no dual citizenship).

· Ability to pass a background investigation.

· Able to obtain and maintain DHS Suitability/Entry on Duty (EOD).

Soft Skills:

· Strong analytical, critical thinking, and problem-solving skills with a high level of technical professional skepticism. · Excellent technical writing skills, with the ability to clearly document complex technical findings and defend assessment results to stakeholders. · Exceptional interpersonal and diplomatic skills, allowing for productive collaboration with system administrators, developers, and management.

Position Responsibilities

Security Assessment and Validation

· Lead comprehensive security control assessments of complex information systems

using interview, examination, and testing methods.

· Verify compliance with established frameworks such as NIST SP 800-37, NIST SP

800-53, NIST SP 800-171, FISMA, and/or FedRAMP, depending on organizational

requirements.

· Analyze system architectures, network diagrams, configuration settings, and policies to

identify vulnerabilities and compliance gaps.

· Review vulnerability scanning results (e.g., Nessus, Qualys) and penetration testing

reports to validate the implementation of technical controls.

Technical Mentorship and Quality Assurance

· Act as a senior technical escalation point and mentor for mid- and junior-level Security

Controls Assessors on the team.

· Perform peer reviews of assessment documentation, test results, and reports generated

by other team members to ensure technical accuracy and consistency.

· Support the SCA Team Lead in defining, refining, and standardizing assessment

methodologies, testing procedures, and reporting templates.

Reporting and Risk Management

· Author, review, and finalize high-quality Security Assessment Reports (SAR) detailing assessment findings, risks, and recommended remediations. · Present assessment findings and risk postures to Authorizing Officials (AO), system owners, and other stakeholders in clear, actionable terms. · Assist system owners in the development of realistic Plans of Action and Milestones (POA&M) to remediate identified deficiencies. · Collaborate with the Risk Management team to ensure assessment data accurately informs the organization’s continuous monitoring strategy. Continuous Improvement and Strategy · Stay current on emerging cyber threats, vulnerabilities, regulatory changes, and assessment techniques. · Identify opportunities to automate assessment processes and integrate modern tooling into the assessment lifecycle. · Participate in the development and refinement of enterprise information security policies, standards, and guidelines.

Technical Areas of Expertise

· Advanced knowledge of security control frameworks (specifically NIST SP 800-53,

NIST SP 800-37, and NIST SP 800-171).

· Familiarity with cloud security concepts (AWS, Azure, Google Cloud) and cloud

compliance frameworks (FedRAMP).

· Knowledge of operating system security, network protocols, access control

mechanisms, and vulnerability management tools.

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits, from competitive salaries, full health insurance, generous time off, and observation of federal holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development! Salary Range $125,000-$141,00

Avint

About Avint

Your Vision Achieved.

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

We understand the ever-evolving cyber threat landscape our nation faces. It is our mission to help federal and defense agencies, the intelligence community and commercial organizations alike to transform their security posture and, ultimately, defeat our adversaries. We optimize clients’ security investments by applying a holistic strategy that encompasses cyber and physical security governance, engineering, operations, compliance and management. Together, we build innovative and intuitive solutions that allow our clients to secure their assets with confidence.

Avint harnesses the expertise of world-class cyber and physical security leaders, technologists and innovators who share a passion for understanding what’s needed and what’s possible. Our team has provided advanced cybersecurity solutions within a wide range of technology environments across the country and around the world – and our continued success has earned us a reputation for being a trusted partner you can count on.

Avint was founded by CEO Marcie Nagel, a recognized national cybersecurity expert, U.S. Air Force and FBI veteran, and formal principal of the Continuous Diagnostics and Mitigation division of Booz Allen Hamilton. Learn more at avintllc.com.

Industry
IT & Software
Company Size
11-50 employees
Headquarters
Herndon, Virginia
Year Founded
2018
Social Media