Back to search
Castro & Company Linkedin · Posted today

NIST Security Control Assessor

San Juan

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Nist Security Control Assessor

We are currently seeking a NIST 800-53 Security Control Assessor interested in starting a rewarding career in public accounting by joining our Information Technology (IT) practice to serve our federal clients. If you are dedicated and eager to grow your auditing career, we will provide you with a supportive team, resources, and training to succeed.

Responsibilities

As a Security Control Assessor your responsibilities will include:

  • Perform independent assessments of security controls in accordance with NIST SP 800-53 and NIST SP 800-53A
  • Evaluate the design and operating effectiveness of technical, operational, and management controls across federal information systems
  • Develop and execute Security Assessment Plans (SAPs), including test procedures, sampling approaches, and evidence requirements
  • Conduct control testing activities (interviews, documentation review, and technical validation) in alignment with Risk Management Framework (RMF)
  • Analyze assessment results to identify control deficiencies, gaps, and risk exposures
  • Document findings with clear risk statements, root cause analysis, and recommended remediation actions
  • Prepare Security Assessment Reports (SARs) and present results to Authorizing Officials (AOs), system owners, and stakeholders
  • Support Authorization to Operate (ATO) processes, including control validation and continuous monitoring activities
  • Collaborate with system owners, ISSOs, and engineering teams to validate remediation efforts and perform re-testing
  • Maintain assessment documentation within GRC tools (e.g., ServiceNow)
  • Stay current with evolving federal cybersecurity requirements, including FISMA and OMB/NIST guidance
  • Contribute to audit readiness and compliance initiatives across client environments

Requirements

  • Must have Bachelor’s Degree in an IT- related degree from an accredited school.
  • Must be able to obtain Security Clearance: Must be able to pass a basic government suitability check (US Citizenship required).
  • Must have 5-8 Years of technical experience NIST 800-53 assessments.
  • Must have strong knowledge and demonstrated understanding of NIST 800-53, security and privacy controls.
  • Must have strong analytical and problem-solving skills
  • Must have experience communicating technical findings to both technical and non-technical stakeholders
  • Must be detail-oriented with strong documentation and reporting skills
  • Must have experience working independently and collaboratively in a team environment
  • Certification (preferred) includes CISSP, Security+, CISA

Castro Puerto Rico is a Professional Services Center headquartered in San Juan, Puerto Rico, delivering advisory, accounting, audit and IT support services to Federal Government clients. We are dedicated to assisting our clients to accomplish their strategic goals while providing our people with a diverse and inclusive environment to thrive and succeed.

Castro Puerto Rico is an Equal Opportunity Employer and considers all qualified applicants without regard to color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability and any other classification protected by law.

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent