×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant

Cloud Security Control Assessor

Job in Washington, District of Columbia, 20022, USA
Listing for: Steampunk, Inc.
Full Time position
Listed on 2026-01-23
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 115000 - 165000 USD Yearly USD 115000.00 165000.00 YEAR
Job Description & How to Apply Below

Steampunk wants you to be a Cloud Security Control Assessor on our team to support a government customer. The primary responsibilities for the position are to support all security assessment activities that ensure risk within the system is maintained at an acceptable level. The nature of the work requires that the candidate demonstrates initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast‑paced, fluid business environment.

The candidate must be able to communicate effectively and decisively with all levels of the organization and be able to solve practical problems as well as exercise sound judgement with regard to sensitive and confidential information.

Contributions
  • Lead security assessments in accordance with NIST SP 800-53, NIST RMF (SP 800-37), FedRAMP, and agency‑specific guidance.
  • Evaluate technical, operational, and management controls across cloud, on‑premises, and hybrid environments.
  • Develop Assessment Plans and Security Assessment Reports (SARs).
  • Coordinate with Information System Security Officers (ISSOs), System Owners, and authorization officials to review evidence and mitigate control deficiencies.
  • Analyze vulnerability scans, configuration baselines, and penetration test results to determine control effectiveness.
  • Provide technical recommendations to remediate weaknesses and strengthen security posture.
  • Maintain assessment documentation in compliance with organizational and federal standards (e.g., FISMA, FedRAMP).
  • Present findings and risk analysis to management and Authorization Officials (AOs).
  • Support continuous monitoring processes and control validation efforts for ongoing authorization.
Qualifications
  • Bachelor's Degree and 5 years of relevant IT cybersecurity experience; OR
  • No degree with a total of ten (10) years of cybersecurity experience, including two (2) years of FISMA experience.
  • One of the following certifications (may be obtained within six (6) months of hire):
  • CISSP
  • CASP
  • CISA
  • CISM
  • Familiarity with one or more: DHS Directive 4300A and NIST Special Pubs 800-30, 800-37, 800-39, 800-53, 800-60.
  • Strong understanding of NIST SP 800-53 controls, FIPS publications 199 and 200, and cybersecurity compliance standards.
  • Hands‑on experience reviewing security control artifacts related to the NIST SP 800-53 controls.
  • Proficiency with assessment tools (e.g., Nessus, Splunk, Tenable.

    SC, SCAP scanners).
  • Direct experience providing independent evaluations for system authorization packages, including in cloud environments (AWS, Azure, etc.).
  • Analytical skills to interpret vulnerabilities, compliance gaps, and potential threats in diverse systems.
  • Understands the difference between cloud and non‑cloud security control baselines.
Preferred Qualifications
  • Experience as an Information System Security Officer (ISSO).
  • Experience with Vulnerability, Configuration, and Asset Management tools in support of Continuous Monitoring.
  • Excellent analytical, written, and verbal communication skills.
  • Strong attention to detail in preparing federal security documentation.
  • Experience with POA&M management.
  • Experience performing Security Authorization.
  • Experience performing Risk Analysis and Assessment.
  • Experience with CSAM or similar GRC tool.
Preferred Skills
  • Experience providing ISSO support to DHS.
  • Experience supporting systems hosted in Cloud environments.
  • Experience supporting systems in Agile and Dev Ops environments.
About Steampunk

Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $115,000 to $165,000. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Information Technology

Industries

IT Services and IT Consulting

#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search