Security Control Assessor, Intermediate

AGE Solutions is looking for Security Control Assessor, Intermediate to join our team in support of an upcoming cybersecurity risk management and assessment program with our DoD customer. The Assessors will be part of a project team responsible for Cybersecurity Assessments and Authorization (A&A), Risk Management, Information Assurance (IA) Support, and Risk Adjudication and Connection services.

Individuals in this role must be able and willing to travel extensively, approximately 85%.

Responsibilities Include:

• Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN.
• Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing.
• Adhere to policies and processes for each assessment type.
• Support assessment development and execution to ensure security expertise is properly applied.
• Coordinate logistics, test plans, and scope with the SCA Team Lead.
• Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS.
• Analyze security gaps and provide mitigation recommendations.
• Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines.
• Provide risk analysis and assessment results for authorization recommendations.
• Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R.

Position Requirements:

• Bachelor's degree (IT-related field preferred)
• Five (5) years of overall experience in cybersecurity or network security position
• Three (3) years of experience in a Certification and Accreditation/A&A role
• Have an active DoD Top Secret clearance with SCI eligibility
• DoD 8570 IAM/IA Technical (IAT) Level II certification
• Demonstrated experience with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices
• Strong understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253
• Demonstrated experience with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
• Demonstratable understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications
• Strong written and verbal communication skills for reporting assessment findings.

Compensation: $98,000 - $103,000