Posted 1 day ago
Secret
$103,000 - $129,000
Unspecified
Security
Remote/Hybrid• (Off-Site/Hybrid)
Avum is seeking an experienced Control Validation Security Analyst to perform comprehensive security audits and control validation activities for complex information systems supporting Federal and Department of Defense (DoD) operations. This role conducts rigorous security evaluations, vulnerability assessments, and control effectiveness testing to ensure compliance with DoD contracting system requirements and Federal cybersecurity standards.
The position specializes in security control validation, ensuring implemented safeguards are operating as intended and align with both mission requirements and risk tolerance. The analyst supports the Risk Management Framework (RMF) lifecycle for cloud-hosted Government systems handling sensitive contracting data, balancing security mitigations against business and operational needs.
Key Responsibilities
Required Qualifications
If You Have This, It's A Plus
What's In It For You
Location
This role is fully remote. The candidate must be available during core Eastern Standard Time (EST) hours, Monday through Friday, and may need to travel for occasional in-person meetings.
About Avum
Avum, Inc. is a certified Small Disadvantaged Business who provides advanced software, database, and business intelligence systems to the DoD/Military, Intelligence Community, and Federal, State, Local and Commercial clients since 1991. We manage technical programs and projects and provide strategic guidance to support our customer's system engineering efforts. We provide sustainment in mission-critical and secure environments. We support information assurance activities and accreditation for the systems we deploy. Our engineers conduct rapid prototyping and Agile customer-focused iterations to produce complex applications, predictive analytic data environments, and NIST SP 800-53 compliant system architecture deployed within Navy and DoD networks. We have subject matter experts in multiple domains and technical expertise across all core technology stacks. We specialize in application development, large-scale database design, data engineering, and data visualization. Through results-driven, agile collaboration, the company continually researches and deploys secure solutions that exceed customer expectations in meeting or beating customer-allocated budgets and schedules. We aspire to the highest standards of ethical behavior and professional integrity in providing our customers with service that consistently earns us the highest possible performance ratings.
Avum, Inc. does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
Salary Description
$103,000-$129,000
The position specializes in security control validation, ensuring implemented safeguards are operating as intended and align with both mission requirements and risk tolerance. The analyst supports the Risk Management Framework (RMF) lifecycle for cloud-hosted Government systems handling sensitive contracting data, balancing security mitigations against business and operational needs.
Key Responsibilities
- Execute comprehensive IT security audits on complex systems in accordance with DoD and Federal requirements.
- Perform security control validation to verify proper implementation and effectiveness of technical, operational, and management controls.
- Conduct vulnerability assessments and analyze findings to identify security gaps and risks.
- Support RMF activities including control selection, implementation validation, assessment, and authorization support.
- Evaluate applied security mitigations to determine alignment with security requirements and business objectives.
- Validate project security controls to ensure compliance with DoD contracting system standards.
- Document security findings, risk assessments, and remediation recommendations.
- Maintain and update RMF artifacts and assessment results within eMASS.
- Collaborate with system owners, engineers, and stakeholders to resolve security issues and implement corrective actions.
- Support audits, inspections, and compliance reviews while ensuring accuracy and quality of deliverables.
Required Qualifications
- US Citizenship with the ability to obtain and maintain a US Government Clearance.
- Minimum of two (2) years of experience working with DoDI 8500.2 and/or NIST SP 800-53, with demonstrated understanding of the Risk Management Framework (RMF).
- Strong analytical and problem-solving skills to identify, evaluate, and resolve security issues.
- Strong skills implementing and configuring networks and network components.
- Working knowledge of Enterprise Mission Assurance Support Service (eMASS).
- Understanding of how to weigh business and mission needs against security risks.
- Experience analyzing applied mitigations to determine whether they meet security requirements.
- Demonstrated knowledge of Risk Management Framework (RMF) concepts and processes
If You Have This, It's A Plus
- Experience supporting cloud-hosted Government systems (AWS GovCloud, Azure Government, etc.).
- Familiarity with DoD contracting or acquisition-related systems.
- Experience supporting ATO packages, continuous monitoring, and security assessments.
- Strong documentation and communication skills for both technical and non-technical audiences.
What's In It For You
- Being part of a remote-first environment that rewards dedication and innovation.
- Receiving competitive compensation and benefits package that includes bonuses and 401K with 6% matching that vest immediately.
- Joining a mission-driven technically forward team.
Location
This role is fully remote. The candidate must be available during core Eastern Standard Time (EST) hours, Monday through Friday, and may need to travel for occasional in-person meetings.
About Avum
Avum, Inc. is a certified Small Disadvantaged Business who provides advanced software, database, and business intelligence systems to the DoD/Military, Intelligence Community, and Federal, State, Local and Commercial clients since 1991. We manage technical programs and projects and provide strategic guidance to support our customer's system engineering efforts. We provide sustainment in mission-critical and secure environments. We support information assurance activities and accreditation for the systems we deploy. Our engineers conduct rapid prototyping and Agile customer-focused iterations to produce complex applications, predictive analytic data environments, and NIST SP 800-53 compliant system architecture deployed within Navy and DoD networks. We have subject matter experts in multiple domains and technical expertise across all core technology stacks. We specialize in application development, large-scale database design, data engineering, and data visualization. Through results-driven, agile collaboration, the company continually researches and deploys secure solutions that exceed customer expectations in meeting or beating customer-allocated budgets and schedules. We aspire to the highest standards of ethical behavior and professional integrity in providing our customers with service that consistently earns us the highest possible performance ratings.
Avum, Inc. does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
Salary Description
$103,000-$129,000
group id: 10145051
