Senior Security Controls Assessor

Rapid Strategy | This is a remote role | $60.00 to $70.00 per hour
We are seeking a highly skilled Lead/Senior Security Controls Assessor (SCA) to oversee and execute comprehensive security assessments for the U.S. International Trade Commission (USITC). This senior-level position requires deep expertise in evaluating security and privacy controls, mentoring team members, and driving compliance with federal standards such as NIST SP 800-53 Rev. 5, FISMA, and FIPS Moderate baselines. The Lead/Senior SCA will serve as a primary point of contact for stakeholders, ensuring the delivery of actionable insights and strategic recommendations to enhance system security and resilience.

Key Responsibilities
  • Lead the planning, execution, and reporting phases of security control assessments (SCAs) across ITCNet, HTS, and IS systems.

  • Provide strategic guidance on assessment methodologies, ensuring alignment with NIST SP 800-53A Rev. 5 and federal compliance standards.

  • Conduct advanced technical evaluations of boundary protections, encryption mechanisms, access controls, and other critical security controls.

  • Oversee the use of tools such as Tenable Nessus, Burp Suite, and PowerShell scripts to perform vulnerability scans and validate control implementations.

  • Mentor and provide technical guidance to junior and mid-level assessors, fostering a collaborative and high-performing team environment.

  • Review and validate evidence gathered during assessments, including system configurations, logs, and supporting documentation.

  • Develop comprehensive Plans of Action and Milestones (POA&Ms), executive summaries, and compliance matrices for key stakeholders.

  • Present findings and strategic recommendations to senior USITC leadership during formal briefings and debrief sessions.

  • Identify emerging risks and propose innovative solutions to enhance long-term security posture and operational resilience.

Required Qualifications
  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent work experience).

  • 7+ years of experience conducting security assessments in federal environments, including leading teams or managing projects.

  • Advanced knowledge of NIST SP 800-53 Rev. 5, FIPS Moderate baselines, and FISMA compliance.

  • Expertise in vulnerability scanning and testing tools, including Tenable Nessus and Burp Suite, with hands-on experience in manual and automated assessments.

  • Exceptional analytical, problem-solving, and technical writing skills, with a proven ability to present findings to senior leadership.

  • Strong understanding of risk management frameworks, including RMF and executive mandates like EO 14028.

Preferred Qualifications
  • Certifications such as CISSP, CISM, CAP, or CISA.

  • Experience assessing cloud environments (AWS, Azure, GCP) and hybrid telework infrastructures.

  • Familiarity with tools like Xacta, ServiceNow GRC, or similar platforms.

Work Environment

  • Remote work with virtual meetings via Microsoft Teams or equivalent tools; occasional travel may be required for in-person engagements.
