Security Control Assessor - United States - 28976 - Maximus

General information

Job Posting Title

Security Control Assessor

Date

Friday, March 14, 2025

City

Arlington

State

Country

United States

Working time

Full-time

Description & Requirements

Maximus is searching for a Security Control Assessor (SCA) to join a DoD program in Arlington, VA.

The Security Control Assessor is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an SAP information system to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system)

This position is on-site, five days a week and requires a TS/SCI clearance.

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7

Job-Specific Essential Duties and Responsibilities:

Monitor and evaluate system compliance with information technology (IT) security, resilience, and dependability requirements
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
Experience with assessing cloud-based security authorizations (FedRamp, AWS & Azure) as well as the NIST control responsibilities
Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations
Draft Security Assessment Reports (SAR) based on the findings from the system assessment
Provide expert security advice and recommendations to manage identified risks
Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies

Job-Specific Minimum Requirements:

Due to contract requirements, candidates must possess an active TS/SCI clearance
A Bachelor’s degree in a Cybersecurity Discipline or related field is required for this position. 4 years of relevant work experience may be considered in lieu of the degree requirement.
10+ years of experience working with Risk Management Framework (RMF) / Cybersecurity Compliance.
Must meet 8140 baseline certification requirements (CISSP, CCNA, CySA+, GISCP, Sec+CE, CND, SSCP etc.)
Excellent written and verbal communication skills

Preferred Skills and Qualifications

7+ years of experience as a cyber security assessor and/or ISSO
7+ years of experience with the following tools: SCAP, ACAS, Vulnerator, HBSS, eMASS
7+ years of experience understanding DISA STIG Security configuration baselines
Knowledge and experience performing network security vulnerability assessments

#techjobs #clearance

Minimum Requirements

TCS040, T4, Band 7

EEO Statement

Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

Pay Transparency

Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.