NIST Security Control Assessor
Indexed description
Responsibilities
As a Security Control Assessor your responsibilities will include:
- Perform independent assessments of security controls in accordance with NIST SP 800-53 and NIST SP 800-53A
- Evaluate the design and operating effectiveness of technical, operational, and management controls across federal information systems
- Develop and execute Security Assessment Plans (SAPs), including test procedures, sampling approaches, and evidence requirements
- Conduct control testing activities (interviews, documentation review, and technical validation) in alignment with Risk Management Framework (RMF)
- Analyze assessment results to identify control deficiencies, gaps, and risk exposures
- Document findings with clear risk statements, root cause analysis, and recommended remediation actions
- Prepare Security Assessment Reports (SARs) and present results to Authorizing Officials (AOs), system owners, and stakeholders
- Support Authorization to Operate (ATO) processes, including control validation and continuous monitoring activities
- Collaborate with system owners, ISSOs, and engineering teams to validate remediation efforts and perform re-testing
- Maintain assessment documentation within GRC tools (e.g., ServiceNow)
- Stay current with evolving federal cybersecurity requirements, including FISMA and OMB/NIST guidance
- Contribute to audit readiness and compliance initiatives across client environments
- Must have Bachelor’s Degree in an IT- related degree from an accredited school.
- Must be able to obtain Security Clearance: Must be able to pass a basic government suitability check (US Citizenship required).
- Must have 5-8 Years of technical experience NIST 800-53 assessments.
- Must have strong knowledge and demonstrated understanding of NIST 800-53, security and privacy controls.
- Must have strong analytical and problem-solving skills
- Must have experience communicating technical findings to both technical and non-technical stakeholders
- Must be detail-oriented with strong documentation and reporting skills
- Must have experience working independently and collaboratively in a team environment
- Certification (preferred) includes CISSP, Security+, CISA
Castro Puerto Rico is an Equal Opportunity Employer and considers all qualified applicants without regard to color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability and any other classification protected by law.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search