Security Controls Assessor Lead

Apex Systems Alexandria Full-Time

Cyber Security Professionals with outstanding customer and technical skills who share our passion for results and customer success. In return, we offer challenging and exciting work environments and competitive compensation packages.

Location: Alexandria VA 

Direct hire position 

This position requires full U.S. citizenship; a recent or current Department of Homeland Security BI is highly desired.

Responsibilities and Duties

  • Support NIST Risk Management Framework (RMF) based Assessment and Authorization (A&A) activities.
  • Monitor and prepare required actions and documents pertaining to the A&A of the system throughout its lifecycle, to include security evaluation findings and residual risks.
  • Conduct comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the systems.
  • Ensure required security authorization activities are completed and the results are documented in the DHS Information Assurance Compliance System (IACS) / XACTA tool.
  • Review and process Interconnection Security Agreements (ISAs), Policy Waivers, Approval to Test (ATT), and Interim Approval to Operate (IATO) documents.
  • Review IS security plans and other A&A documents for all applications to determine if DHS mandated procedures and tasks are followed, such as using IACS.
  • Assist the Government in preparing a written justification, when appropriate, to obtain a written waiver of policy for mandated security features.
  • Ensure that assigned systems/applications meet the minimum DHS A&A standards before a recommendation is made to the CISO for Authorization.
  • Attend Compliance Team meetings and provide reports in the approved format on the status of requested activities.
  • Update and upload all pertinent information for all systems within the DHS Headquarters FISMA portfolio repository.
  • Update relevant FISMA Compliance SOPs on a quarterly basis.
  • Provide guidance and support for all assigned Security Authorization activities.
  • Conduct Security Authorization entrance conferences.
  • Develop a preliminary Security Assessment Report (SAR).
  • Create the CSS Plan, including rules of engagement (ROE) for each major application, information system, or GSS undergoing authorization.
  • Document the results of the security control assessment, including recommendations for correcting any weaknesses or deficiencies in the controls, analyze findings, and develop risk mitigation techniques to address weaknesses.
  • Contain the Contractor’s assessment of any required security controls.

Qualifications and Skills

You must have expert knowledge in:

  • Must have 5-7 years of relevant experience as a cyber security control assessor
  • U.S. Federal Information Assurance (IA), and the Risk Management Framework (RMF)
  • Related Best Practices from FedRAMP, NIST, and other sources
  • IT Security Engineering Life Cycle and Release Management
  • Assessment and Authorization (A&A), Certification and Accreditation (C&A), FISMA, FedRAMP, NIST SP 800-53, RMF
  • Risk and Issue Management and Mitigation
  • Strong written, verbal communication and presentation skills – no exceptions! Ability to interface with customers including presentations to senior executives
  • Demonstrated leadership and team development skills
  • Demonstrated success consulting at the senior management level
  • Solid time management, planning, and ability to scope prospective engagements, develop proposals and project plans
  • Must be able to obtain and maintain a Secret security clearance 
  • Must be on-site 40 hours per week - no telework


  • 100% paid premiums for health insurance, dental insurance, vision insurance, short-term and long-term disability, and life insurance for employee and dependents
  • 15 days Paid Time Off, in addition to 10 paid holidays
  • 401(k) with 3% match
  • $5,000 annual reimbursement of job-related training classes, seminars, and tuition


  • RMF/Security Control Framework: 5 years (Required)

EEO Employer

Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178.


Recommended skills

Cyber Security
Control Framework
Security Controls
Federal Information Security Management Act

Job ID: 951666




Apex Systems is a division of the 2nd largest IT staffing and services firm in North America. From consulting to staff augmentation, we connect top tech talent with great companies in all industries.


Apex earned Inavero’s Best of Staffing™ Client Diamond and Talent Awards for providing superior service to clients and job seekers, putting the company in the top 2 percent of all U.S. staffing agencies.


We take the time to understand a candidate’s talents and needs to ensure a good match with companies for contract, contract-to-hire, and direct hire positions. Each recruiter within Apex is focused on a specific skill area within infrastructure, applications, and project management. This focused discipline enables our local recruiters to work directly with our candidates and focus their talent on the right position at the right time.


We serve Fortune 500, mid-market, and emerging companies from a wide variety of industries, including communications, energy, financial services, government services, healthcare, technology, and utilities. 


Apex has branches in over 70 locations across the U.S. and Canada and more than 1,000 employees dedicated to supporting the needs of our clients and contract team members. Visit www.apexsystems.com to find a local branch or connect with an Account Manager or Recruiter.
