×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Systems Engineer IT Consultant

Control Validation Security Specialist Senior

Remote / Online - Candidates ideally in
Virginia, St. Louis County, Minnesota, 55792, USA
Listing for: BMA
Remote/Work from Home position
Listed on 2026-03-12
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Systems Engineer, IT Consultant
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

BMA is seeking a Control Validation Security Specialist – Senior to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) program. This is a fully remote position and contingent on contract award.

Job Summary

BMA is seeking a Control Validation Security Specialist – Senior to support our DLA Cybersecurity Policy and Oversight Support Services (CPOSS) contract. The position provides advanced cybersecurity assessment and validation support to the CPOSS program supporting DLA’s J6/J611 Cybersecurity Directorate. The specialist independently conducts information system security control validation, RMF authorization package reviews, and enterprise cybersecurity assessments across DLA systems, networks, applications, and enclaves.

This role ensures cybersecurity controls are properly implemented, operating effectively, and compliant with Federal, DoD, and DLA cybersecurity policies. The specialist performs technical evaluations of cybersecurity posture, analyzes system risks, validates mitigation strategies, and provides recommendations to strengthen enterprise security while balancing operational mission requirements. Working in support of the Security Control Assessor (SCA) Representative Team, the position contributes to enterprise RMF authorization oversight, continuous monitoring verification, and cybersecurity policy compliance activities across classified and unclassified environments.

Key Responsibilities
  • Cybersecurity Control Validation and IT Audit Support:
    Independently perform information system security control validation and IT audit activities across complex information systems, applications, networks, and enclaves. Verify that cybersecurity controls are properly implemented, configured correctly, and operating in accordance with federal and DoD cybersecurity requirements. Conduct cybersecurity assessments to determine whether implemented controls effectively protect systems from unauthorized access, misuse, or destruction. Validate compliance with cybersecurity policies and standards applicable to DLA enterprise systems.
  • RMF Authorization and Security Assessment Support:
    Support the enterprise RMF authorization process in accordance with DoDI 8510.01 RMF for DoD IT. Perform technical reviews of RMF authorization packages, supporting documentation, and system security artifacts. Analyze residual risk and determine whether implemented security controls satisfy security requirements and authorization standards. Assist in preparing security assessment reports and authorization recommendations for review by the Security Control Assessor and Authorizing Official.
  • Continuous Monitoring and Vulnerability Analysis:
    Conduct cybersecurity control validation exercises on classified and unclassified systems to verify the effectiveness of implemented security measures. Perform vulnerability assessments and analyze security weaknesses to identify potential threats to enterprise systems. Evaluate remediation activities and mitigation strategies to determine whether corrective actions adequately address security findings. Support enterprise continuous monitoring initiatives and cybersecurity risk analysis.
  • Security Analysis and Technical Evaluation:
    Perform technical evaluations of customer systems to identify security weaknesses and recommend improvements to strengthen cybersecurity posture. Analyze network security configurations and system architectures to verify secure implementation of cybersecurity controls. Provide recommendations for improving cybersecurity controls, risk mitigation strategies, and security implementation practices. Balance mission requirements with cybersecurity controls by evaluating operational needs against risk considerations.
  • Documentation, Reporting, and Coordination:
    Document findings from security control assessments, audits, and validation activities in formal reports and assessment summaries. Prepare technical documentation and supporting evidence to support RMF reviews and cybersecurity compliance activities. Coordinate with program managers, system managers, and Information System Security Managers to resolve cybersecurity issues and…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search