Public Trust
Mid Level Career (5+ yrs experience)
IT - Security
Remote/Hybrid • Arlington, VA (Off-Site/Hybrid)
Job Title: Senior Security Control Assessor
Location: Remote (Must be based in the DMV area)
Clearance: Public Trust
Job Type: Full-Time
About Blu Omega:
At Blu Omega, we are dedicated to supporting national security and safeguarding vital information. Join our mission-driven team where innovation, expertise, and integrity come together to make a meaningful impact.
Position Overview:
Blu Omega is seeking a detail-oriented and experienced Security Control Assessor (SCA) to perform comprehensive security and privacy control assessments of IT systems in alignment with the NIST Risk Management Framework (RMF). The successful candidate will bring hands-on expertise in evaluating security postures, identifying risks, and ensuring compliance with federal policies and frameworks. This is an excellent opportunity for professionals passionate about cybersecurity and risk management, looking to support critical national security initiatives.
Key Responsibilities:
Conduct independent security control assessments following NIST SP 800-37 and 800-53 standards, ensuring thorough evaluation of technical, operational, and managerial controls.
Review and analyze security documentation such as System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and security authorization documentation to support system Authorization to Operate (ATO) processes.
Identify and document vulnerabilities, compliance gaps, and security risks; develop and recommend effective mitigation strategies.
Assess the impact of system updates, network changes, or technology upgrades on overall security posture, providing guidance on risk implications.
Participate actively in governance and risk review boards, offering expert advice on security concerns and compliance issues.
Collaborate with system owners, engineers, and stakeholders to verify the proper implementation and functioning of security controls.
Support vulnerability scans, compliance audits, and configuration reviews to identify and remediate security issues promptly.
Contribute to the RMF documentation lifecycle, including creating and updating Concept of Operations (CONOPS), System Security Plans (SSPs), test plans, and risk assessments.
Required Skills & Experience:
Core Skills:
Strong risk assessment and threat modeling capabilities
Expertise in validating and testing security controls
Knowledge of RMF processes and NIST SP 800-53/800-37 standards
Experience tracking and remediating POA&Ms
Familiarity with vulnerability scanning tools such as Nessus, Qualys, etc.
Understanding of secure network architectures and system configurations
Technical Competence:
Solid understanding of cybersecurity principles: confidentiality, integrity, availability
Experience reviewing and developing security documentation
Knowledge of enterprise IT systems, cloud environments, and network infrastructure
Qualifications (Senior Level):
7+ years of experience in cybersecurity and risk assessment
Master’s degree or equivalent professional certifications and experience
Extensive expertise in A&A processes, RMF, and control assessments
Preferred Certifications (Optional but Beneficial):
CAP, CISSP, CISM, CISA, CEH, Security+, or similar credentials
Why Join Blu Omega?
Be part of a passionate team committed to national security and safeguarding critical information. At Blu Omega, you’ll have the opportunity to work on impactful projects in a collaborative environment that fosters professional growth, innovation, and excellence.
If you're eager to apply your cybersecurity expertise to meaningful work and enjoy a dynamic, mission-focused culture, we want to hear from you!