
Security Control Assessor

Job in Washington, District of Columbia, 20022, USA
Listing for: ECS
Full Time position
Listed on 2026-01-27
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 90000 - 120000 USD Yearly
Job Description & How to Apply Below

Location: Washington, DC

ECS is seeking a Security Control Assessor to work in our Washington, DC office. This role is part of the Independent Security Control Assessment (ISCA) team, ensuring high-value and mission‑critical systems comply with federal cybersecurity policies.

Overview

The role supports the Department of State (DOS) and the Bureau of Diplomatic Technology (DT). The candidate will execute the full Risk Management Framework (RMF) Step 4 lifecycle, developing Security Assessment Plans (SAP), conducting detailed control testing under NIST SP 800‑53A Rev. 5, and producing Security Assessment Reports (SAR) for Authorizing Officials.

Key Responsibilities
  • Assessment Planning (RMF Step 4): develop and finalize Security Assessment Plans, collaborate with stakeholders to define testing strategies.
  • Security Control Assessment: perform independent and comprehensive assessments using manual and automated techniques.
  • Reporting & Risk Analysis: develop SARs detailing findings, prepare risk acceptance recommendation reports and executive briefings.
  • Remediation & Continuous Monitoring: coordinate mitigation strategies, conduct retesting, support continuous monitoring by assessing a subset of controls annually.
Qualifications / Required Skills
  • Active Secret Security Clearance.
  • 5+ years of Information Security experience, with at least 3 years specifically supporting security assessment teams.
  • Deep understanding of NIST SP 800‑53 Rev. 5, NIST SP 800‑53A, and NIST SP 800‑37 Rev. 2.
  • Proven experience developing RMF artifacts including SAPs, SARs, and POA&Ms.
  • Experience with eGRC tools (e.g., Arch Angel, CSAM, Xacta, Archer) and analyzing vulnerability scan reports.
  • Strong communication skills, able to present control deficiencies and risk implications to both technical and non‑technical audiences.
Desired Skills
  • Certifications: CISSP, CISA, CEH, or CRISC (highly preferred).
  • Agency Experience: prior experience with the Department of State and High‑Value Asset (HVA) assessments.
  • Cloud Security: experience assessing systems hosted in AWS or Azure cloud environments.
Benefits

General description of benefits.

Compensation

Salary Range: $90,000 - $120,000.

EEO Statement

ECS is an equal opportunity employer and does not discriminate on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, or local jurisdiction law.
