Jobs · Information Technology · Virginia

Senior IT Security Control Assessor

Guidehouse · McLean, VA · 6 days ago
On-siteInformation TechnologyFull-time

About the role

Lead teams conducting FISMA security control assessments in accordance with NIST SP 800-53 and NIST SP 800-53A.
Support system authorization efforts across the RMF lifecycle.
Perform control testing, interviews, and evidence reviews for management, operational, and technical controls.
Document assessment results, findings, and risk determinations in SARs and related ATO artifacts.
Identify control gaps, weaknesses, and POA&M items with clear, actionable remediation guidance.
Coverage of continuous monitoring activities, including ongoing control assessments and ad hoc reviews.
Oversee team deliverable reviews, offering real-time feedback and coaching to improve quality and performance.

Responsibilities

  • Lead teams conducting FISMA security control assessments in accordance with NIST SP 800-53 and NIST SP 800-53A.
  • Support system authorization efforts across the RMF lifecycle.
  • Perform control testing, interviews, and evidence reviews for management, operational, and technical controls.
  • Document assessment results, findings, and risk determinations in SARs and related ATO artifacts.
  • Identify control gaps, weaknesses, and POA&M items with clear, actionable remediation guidance.
  • Coverage of continuous monitoring activities, including ongoing control assessments and ad hoc reviews.
  • Oversee team deliverable reviews, offering real-time feedback and coaching to improve quality and performance.

Requirements

  • Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
  • Minimum of FIVE (5) years of experience in cybersecurity.
  • Must be able to OBTAIN and MAINTAIN a Federal or DoD "SECRET" security clearance; candidates must obtain approved adjudication of clearance prior to onboarding with Guidehouse.
  • Must have relevant certifications preferred (e.g., CISSP, CISA, CAP, GSLC).
  • Demonstrated experience performing FISMA or RMF-based security control assessments.
  • Strong working knowledge of FISMA, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37.
  • Experience assessing cloud-based systems, including inherited controls.
  • Ability to clearly document technical and non-technical findings for audit-ready reporting.
  • Understanding of federal cybersecurity compliance requirements and governance processes.
  • Team leadership experience.

Qualifications

  • Master’s Degree in Computer Science, Information Technology, Cybersecurity, or related field.
  • Certified Information Systems Security Professional (CISSP).
  • Knowledge of cloud security (FedRAMP).
  • Experience with security tools (ACAS/Nessus, Splunk, etc.).
  • Project management experience.

Skills

  • Strong written and verbal communication skills.
  • Ability to work independently and as part of a team.
  • Attention to detail and ability to manage multiple projects simultaneously.
  • Strong problem-solving and analytical skills.
  • Ability to prioritize tasks and meet deadlines.

Benefits

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace. Benefits Include Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Position may be eligible for a discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend

Pay

Competitive compensation based on experience and qualifications.

Schedule

Full-time position.

Similar jobs

Security Control Assessor

IPSecure, IncLackland Heights, Texas, United States· 1 wk ago
Information Technologyapply on recruitingbypaycor.com

Security Control Assessor

Boston Government Services, LLC (BGS)Knoxville Metropolitan Area· 1 wk ago
Information Technologyapply on workforcenow.adp.com