Job Requirements
Annapolis Junction, MD
Top Secret/SCI Full Scope Polygraph
Senior Level Career (10+ yrs experience)
$190,000 - $230,000
Job Description
Senior Security Controls Assessor
Annapolis Junction, MD · Information Technology
Senior Security Control Assessor
Location: Annapolis Junction, MD
Overview
Our client is seeking a highly skilled Senior Security Control Assessor (SCA) to support verification and validation of security compliance for information systems, products, and components. This role requires strong expertise in security and systems engineering across multiple domains, along with the ability to perform comprehensive assessments and recommend effective mitigation strategies within a secure environment.
This position plays a critical role in supporting the certification and accreditation (C&A) of systems within a highly regulated environment. The ideal candidate will bring extensive experience in security engineering, vulnerability assessment, and compliance verification, along with certifications aligned with IAT III or IAM III requirements.
Key Responsibilities
Perform verification and validation of security compliance for low- and moderately complex information systems, products, and components
Review and analyze design specifications, system documentation, configuration practices, and operational procedures
Identify non-compliance with security requirements and recommend mitigation strategies
Conduct on-site evaluations to validate system security requirements
Verify that systems meet established security standards and controls
Perform vulnerability assessments and coordinate penetration testing activities
Develop and deliver comprehensive certification and validation reports
Collaborate with system owners and stakeholders to ensure adherence to security standards and best practices
Education & Experience
Minimum of 12 years of related experience in security engineering or system engineering
Bachelor’s degree in Computer Science, Information Technology, or related field may substitute for up to 4 years of experience
Experience in five or more of the following areas:
Telecommunications concepts
Operating systems
Databases / DBMS
Middleware
Applications
Web servers
SANs / NetApp technologies
Active Directory
Firewalls
Controlled interfaces
Required Certifications (IAT III or IAM III equivalent):
CISSP
CASP+ (SecurityX)
CISM
Required Skills
Strong understanding of system security engineering principles and practices
Experience with security compliance assessments and vulnerability analysis
Excellent analytical and problem-solving abilities
Ability to produce clear, detailed documentation and reporting
Familiarity with federal security regulations, standards, and frameworks
Benefits
4 weeks PTO + all federal holidays
10% retirement contribution (no employee match required)
Comprehensive health insurance
Nice to Have
AWS experience, particularly S3 and cloud environments
DevSecOps experience, including DAST and SAST testing
cATO experience
Equal Employment Opportunity
Our client is an Equal Opportunity Employer committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, or any other protected status under applicable federal, state, or local law.
We believe diverse perspectives strengthen innovation and are dedicated to creating an environment where all employees feel respected, valued, and empowered to succeed.
Annapolis Junction, MD · Information Technology
Senior Security Control Assessor
Location: Annapolis Junction, MD
Overview
Our client is seeking a highly skilled Senior Security Control Assessor (SCA) to support verification and validation of security compliance for information systems, products, and components. This role requires strong expertise in security and systems engineering across multiple domains, along with the ability to perform comprehensive assessments and recommend effective mitigation strategies within a secure environment.
This position plays a critical role in supporting the certification and accreditation (C&A) of systems within a highly regulated environment. The ideal candidate will bring extensive experience in security engineering, vulnerability assessment, and compliance verification, along with certifications aligned with IAT III or IAM III requirements.
Key Responsibilities
Perform verification and validation of security compliance for low- and moderately complex information systems, products, and components
Review and analyze design specifications, system documentation, configuration practices, and operational procedures
Identify non-compliance with security requirements and recommend mitigation strategies
Conduct on-site evaluations to validate system security requirements
Verify that systems meet established security standards and controls
Perform vulnerability assessments and coordinate penetration testing activities
Develop and deliver comprehensive certification and validation reports
Collaborate with system owners and stakeholders to ensure adherence to security standards and best practices
Education & Experience
Minimum of 12 years of related experience in security engineering or system engineering
Bachelor’s degree in Computer Science, Information Technology, or related field may substitute for up to 4 years of experience
Experience in five or more of the following areas:
Telecommunications concepts
Operating systems
Databases / DBMS
Middleware
Applications
Web servers
SANs / NetApp technologies
Active Directory
Firewalls
Controlled interfaces
Required Certifications (IAT III or IAM III equivalent):
CISSP
CASP+ (SecurityX)
CISM
Required Skills
Strong understanding of system security engineering principles and practices
Experience with security compliance assessments and vulnerability analysis
Excellent analytical and problem-solving abilities
Ability to produce clear, detailed documentation and reporting
Familiarity with federal security regulations, standards, and frameworks
Benefits
4 weeks PTO + all federal holidays
10% retirement contribution (no employee match required)
Comprehensive health insurance
Nice to Have
AWS experience, particularly S3 and cloud environments
DevSecOps experience, including DAST and SAST testing
cATO experience
Equal Employment Opportunity
Our client is an Equal Opportunity Employer committed to fostering a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, or any other protected status under applicable federal, state, or local law.
We believe diverse perspectives strengthen innovation and are dedicated to creating an environment where all employees feel respected, valued, and empowered to succeed.
group id: 91159706