Security Control Assessor Level 3

United States, Annapolis Junction · Job Posted January 26, 2026

Job Description

The role is responsible for performing verification and validation (V&V) activities to ensure the security compliance of low to moderately complex information systems, products, and components. This includes reviewing system designs, configuration practices, and operational procedures; identifying security non‑compliance issues; and recommending appropriate mitigations. The position involves conducting on‑site evaluations, validating security requirements, coordinating vulnerability assessments and penetration testing, and producing comprehensive certification reports. The role may also contribute to process improvements and the development of related standards and guidelines.

Job Responsibility

  • Analyze system design specifications, design documentation, configuration procedures, and operational practices to assess security compliance
  • Conduct on‑site evaluations of information systems, products, and components
  • Perform verification and validation activities to ensure systems meet defined security requirements
  • Identify instances of non‑compliance and recommend viable mitigation strategies
  • Validate the security requirements of the information system and confirm adherence through testing and documentation review
  • Conduct vulnerability assessments and coordinate penetration testing efforts
  • Prepare and deliver comprehensive verification and validation (certification) reports
  • Facilitate penetration testing activities as part of the assessment process
  • Provide recommendations for security process improvements
  • Contribute to drafting standards, guidelines, and best practices for system usage and security compliance

Requirements

  • U.S. Citizenship is required for all applicants
  • DoD 8570 compliance with IAT III or IAM III is required
  • Twelve (12) years of experience in security, systems engineering, or system assessment
  • At least three (3) years of recent experience in five (5) or more of the following areas:
      • Cybersecurity principles and technologies
      • Access control and authorization
      • Identification and authentication
      • Public Key Infrastructure (PKI)
      • Network and enterprise security architecture
  • Bachelor's degree in Computer Science, Information Technology Engineering, or a related field is required
  • A Master's degree in a related field may substitute for two (2) years of experience
  • In lieu of a Bachelor's degree, an additional four (4) years of security or systems engineering experience may be substituted
  • This position requires an active Security Clearance with appropriate Polygraph
  • All applicants and employees are subject to random drug testing
  • Employment is contingent upon successful completion of a security background investigation and polygraph

What we offer

  • Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options
  • Vision + Dental: Both free to you + paid in full by CTP
  • Retirement: 401k - 6% company contribution
  • PTO + Leave: Offering customizable leave plans
  • Jury Duty, Bereavement + Military Leave provided
  • Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition
  • Life and AD&D Insurance/Short-Term & Long-Term Disability: at zero cost to you
  • Profit Sharing Bonus: End of year cash gets added to your bottom-line
  • Referral Bonus Program: Our bonuses range from $7,000-$20,000

Similar Jobs for Security Control Assessor Level 3

8 matching positions

Security Control Assessor Level 3

Conduct verification and validation for security compliance of low and moderatel...
Location: United States, Annapolis Junction
Salary: Not provided
Company: Columbia Technology Partners
Expiration Date: Until further notice
Requirements
  • Twelve (12) years experience in security, systems engineering or system assessment
  • Recent experience within the last three (3) years in five (5) or more of the following areas: Cybersecurity principles and technology, including access/control, authorization, identification and authentication, PKI, network and enterprise security architecture
  • Bachelor's degree in Computer Science or Information Technology Engineering or related field of study
  • U.S. Citizenship
  • DoD 8570 compliance with IAT III or IAM III
  • Active Security Clearance with appropriate Polygraph
Job Responsibility
  • Conduct verification and validation for security compliance of low and moderately complex information systems, products, and components
  • Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedures
  • Provide identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance
  • Conduct on-site evaluations
  • Validate the security requirements of the information system
  • Verify and validate that the system meets the security requirements
  • Provide vulnerability assessment of the system, coordinate penetration testing, and provide a comprehensive verification and validation report (certification report) for the information system
  • Provide process improvement recommendations
  • Draft standards and guidelines for usage
  • Facilitate penetration testing
What we offer
  • Medical: 3 superior plans with in-network and out-of-network options
  • Vision + Dental: free to employee and paid in full by CTP
  • Retirement: 401k - 6% company contribution
  • PTO + Leave: customizable leave plans
  • Jury Duty, Bereavement + Military Leave provided
  • Career Growth: up to $10,000 for approved career-related learning, training, education, and/or tuition
  • Life and AD&D Insurance/Short-Term & Long-Term Disability: at zero cost to employee
  • Profit Sharing Bonus: End of year cash
  • Referral Bonus Program: bonuses range from $7,000-$20,000
  • Fulltime

Security Control Assessor (SCA) Professional – Level IV/Subject Matter Expert (SME)

Arcfield's Cyber programs are expanding and are currently in need of Level IV/ S...
Location: United States, Chantilly
Salary: Not provided
Company: Arcfield
Expiration Date: Until further notice
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with polygraph
  • BA/BS or higher STEM degree
  • BS 8-10 years of experience, MS 6-8 years of experience, PhD 3-5 years of experience
  • SCA experience
  • Certifications (At least one of the below): CAP, CASP, CISM, CISSP (or Associate), GSCL, CGRC/CAP, Cloud+, CYSA+, GSEC, PenTest+
  • Relevant experience in technical project management
  • Advanced IS security skills and knowledge
  • Familiarity with IA concepts
  • Ability to review and recommend vulnerability and risk levels associated with SW and HW products
  • Practical experience developing and implementing security related directives
Job Responsibility
  • Review and assess information systems (IS) for compliance with IC, DoD, and ND guidelines
  • Provide IS security advice and guidance to government and industry partners
  • Advise Information System Owners (ISO) on confidentiality, integrity, and availability impact values
  • Offer technical guidance for Authorization and Accreditation (A&A) responses
  • Evaluate IS threats and vulnerabilities, recommending additional safeguards as needed
  • Support development and implementation of NRO IT-IA-IM policies
  • Contribute to future NRO IS security policy development
  • Conduct site visits and assessments, prepare written reports for government approval
  • Ensure completion of security control assessments for each IS
  • Support RMF process-related presentations, briefings, and reports
  • Fulltime

Delegated Authorizing Official (DAO) Representative Level 3

This role supports the identification and implementation of security requirement...
Location: United States, Annapolis Junction
Salary: Not provided
Company: Columbia Technology Partners
Expiration Date: Until further notice
Requirements
  • Eight (8) years of experience as an IT Risk Assessor, System Security Engineer, ISSM, DAO, or in a similar role of comparable scope and complexity
  • Bachelor's degree in Computer Science or IT Engineering
  • or an additional four (4) years of relevant experience (totaling twelve years) in lieu of a degree
  • U.S. Citizenship is required for all applicants
  • All applicants and employees are subject to random drug testing in accordance with Executive Order 12564
  • Employment is contingent upon successful completion of a security background investigation and polygraph
  • This position requires an active Security Clearance with appropriate Polygraph
Job Responsibility
  • Conduct comprehensive security planning, security assessments, risk analyses, and risk management activities using established system security design processes and defense‑in‑depth/breadth methodologies
  • Perform detailed risk assessments to support the integration of legacy systems into existing IT environments, leveraging understanding of engineering lifecycle principles and system integration practices
  • Review and evaluate cybersecurity measures built into systems slated for operational deployment, including identification, authentication, authorization mechanisms, and cross‑domain or controlled interface considerations
  • Develop risk assessments, plans of action, authorization recommendations, and required security authorization documentation in alignment with ICD 503 and established authorization processes
  • Identify organizational security requirements and ensure implementation of effective information security policies, controls, and activities grounded in core cybersecurity principles such as confidentiality, integrity, non‑repudiation, availability, access control, and auditing
  • Ensure cybersecurity functions (such as intrusion detection, incident handling, contingency planning, configuration management, and change control) are properly integrated into the development, configuration management, and risk management processes
  • Apply knowledge of risk management frameworks, information domains, security testing, and defensive IT strategies to strengthen infrastructure protection and system resilience
  • Facilitate collaboration with customers, IT personnel, and senior corporate leadership to define and achieve cybersecurity and risk management goals
  • Contribute to security architecture development, integration of legacy systems, and cybersecurity considerations within acquisition and RDT&E environments
What we offer
  • Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options
  • Vision + Dental: Both free to you + paid in full by CTP
  • Retirement: 401k - 6% company contribution
  • PTO + Leave: Offering customizable leave plans to meet your needs
  • Jury Duty, Bereavement + Military Leave provided
  • Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition
  • Life and AD&D Insurance/Short-Term & Long-Term Disability: More peace of mind, at zero cost to you
  • Profit Sharing Bonus: End of year cash gets added to your bottom-line
  • Referral Bonus Program: Our bonuses range from $7,000-$20,000, if your referral joins the team
  • Fulltime

Delegated Authorizing Official (DAO) Representative Level 3

Responsible for assisting in identifying the overall security requirements for t...
Location: United States, Annapolis Junction
Salary: Not provided
Company: Columbia Technology Partners
Expiration Date: Until further notice
Requirements
  • Eight (8) years of experience as an IT Risk Assessor, System Security Engineer, Information Systems Security Manager or DAO in programs and contracts of similar scope, type and complexity is required.
  • A Bachelor's Degree in Computer Science or IT Engineering. In lieu of a Bachelor's degree, an additional four (4) years of experience for a total of twelve (12) years.
  • Working knowledge of the following is required: system security design process, defense-in-depth/ breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503 (formerly NISCAP), risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, security authorization process, principles of Cybersecurity (confidentiality, integrity, non-repudiation, availability, access control), and security testing.
  • U.S. Citizenship is required for all applicants.
  • All applicants and employees are subject to random drug testing in accordance with Executive Order 12564.
  • Employment is contingent upon successful completion of a security background investigation and polygraph.
  • This position requires an active Security Clearance with appropriate Polygraph.
Job Responsibility
  • Responsible for assisting in identifying the overall security requirements for the protection of data, to ensure the implementation of appropriate information security controls, and perform and analyze the security risk assessment, risk analysis, risk management process, security control assessments, and awareness activities for systems and networking operations.
  • Provide assistance to ensure Cybersecurity functions are included in the configuration management process.
  • Interact with customers, Information Technology (IT) staff, and high-level corporate officers in defining and achieving required Cybersecurity objectives for the organization.
  • Contribute to building security architecture.
  • Assist with the integration of legacy systems.
  • Contribute to the acquisition/RDT&E environment and building Cybersecurity into systems deployed in operational environments.
  • Prepare security authorization documentation.
  • Perform security planning, security assessment, risk analysis, risk assessment, and risk management support activities.
  • Perform risk assessment and management to support integration of legacy systems into existing IT environment.
  • Review and analyze Cybersecurity built into systems to be deployed to operational environments.
What we offer
  • Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options.
  • Vision + Dental: Both free to you + paid in full by CTP.
  • Retirement: 401k - 6% company contribution.
  • PTO + Leave: A work life balance is extremely important to our team here at CTP, which is why our paid time off plans are so lucrative. Offering customizable leave plans to meet your needs is just one of our many perks! Jury Duty, Bereavement + Military Leave provided.
  • Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition.
  • Life and AD&D Insurance/Short-Term & Long-Term Disability: More peace of mind, at zero cost to you.
  • Profit Sharing Bonus: End of year cash gets added to your bottom-line.
  • Referral Bonus Program: Our tiered program provides an incentive with each stage of the hiring process your referral passes. Our bonuses range from $7,000-$20,000, if your referral joins the team.
  • Fulltime

Cyber Security Analyst (NIST Evidence & Compliance)

Robert Half (Technology Solutions) is searching for a Cyber Security Analyst (N...
Location: United States, Chatsworth
Salary: Not provided
Company: Robert Half
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, equivalent experience considered
  • 3–5+ years of cybersecurity, compliance, or IT security experience
  • Experience with NIST SP 800-171, DFARS 252.204-7012, CMMC Level 2
  • Microsoft Active Directory, Microsoft 365 / Azure, Security logging platforms, Endpoint security tools
  • Understanding of cybersecurity documentation and evidence management practices
  • Experience preparing audit documentation and supporting assessments
  • Strong documentation and organizational skills
  • Ability to communicate technical concepts to non-technical personnel
Job Responsibility
  • Must Fully Understand NIST SP 800-171 Controls / what is needed (110 Security Controls in place)
  • Completed Self-Assessment (met some Controls – other Controls not satisfied)
  • Gather Evidence / Artifacts for Audit-Readiness
  • Support Third-Party Assessors during Compliance Assessment
  • Prepare SSPs / POA&Ms / Data Flow & Network Diagrams / Security Training Records / Excel Reports
  • Review Audit Logs to Support Monitoring, Investigation, Reporting
  • Access Control Reviews / Maintain Privileged Account Documentation
What we offer
  • Medical
  • Vision
  • Dental
  • Life and disability insurance
  • 401(k) plan
  • Fulltime

CMMC Compliance Specialist

We are seeking a detail-oriented CMMC Level 2 Compliance Specialist to lead and ...
Location: United States, Oceanside
Salary: Not provided
Company: Robert Half
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in cybersecurity, information technology, information assurance, compliance, or a related field preferred
  • 3+ years of experience in cybersecurity compliance, information security, risk management, or audit
  • Hands-on experience with CMMC Level 2, NIST SP 800-171, and federal contractor compliance requirements
  • Strong understanding of security frameworks, control testing, risk assessments, and documentation requirements
  • Experience creating and maintaining SSPs, POA&Ms, and related compliance artifacts
  • Familiarity with DFARS 252.204-7012, NARA 800-171 requirements, and handling Controlled Unclassified Information (CUI)
  • Strong project management, organizational, and communication skills
  • Relevant certifications such as CISSP, CISA, CISM, Security+, CCP, or related credentials are a plus
Job Responsibility
  • Lead CMMC Level 2 compliance initiatives across the organization
  • Assess and document the implementation of NIST SP 800-171 security controls and related practices
  • Perform gap assessments, readiness reviews, and internal audits to evaluate compliance posture
  • Develop, maintain, and update required compliance documentation, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), policies, standards, and procedures
  • Coordinate remediation efforts with internal teams to address control deficiencies and strengthen cybersecurity processes
  • Support evidence collection and audit preparation for external assessors and certification activities
  • Track compliance milestones, risks, and dependencies, and provide regular status reporting to leadership
  • Partner with IT and security teams to validate technical, administrative, and operational controls
  • Monitor regulatory updates and changes to CMMC, DFARS, FAR, and related federal cybersecurity requirements
  • Help promote security awareness and compliance best practices throughout the organization
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
  • free online training
  • Fulltime

Director of Technology - Governance, Risk, and Compliance

We are seeking a Director of Technology - Governance, Risk, and Compliance to de...
Location: United States, San Jose
Salary: 219000.00 - 290000.00 USD / Year
Company: Archer Aviation
Expiration Date: Until further notice
Requirements
  • 8 plus years of experience in Technical Governance, Risk, and Compliance, Risk Management, Audit, or Information Security
  • Minimum of 3 years in a director or senior manager role leading a GRC function or compliance program
  • Expert-level understanding of NIST CSF, SP 800-171, and CMMC Level 2 frameworks
  • Hands-on experience managing NIST CSF, 800-171 compliance programs or leading CMMC Level 2 assessments and certification initiatives
  • Strong knowledge of SOX Section 404 requirements, particularly IT General Controls (ITGC)
  • Deep understanding of ITAR and EAR export control regulations
  • Proficiency in risk management methodologies
  • Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II)
  • Strong communication skills to present complex compliance and risk concepts
  • Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives
Job Responsibility
  • Develop and execute a comprehensive Cyber-focused Governance, Risk, and Compliance (GRC) strategy
  • Lead the design and implementation of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
  • Establish and manage an enterprise-wide risk management program
  • Design and enforce a control framework
  • Conduct or coordinate regular compliance assessments and internal audits
  • Manage relationships with external auditors, assessors, and regulators
  • Develop and maintain comprehensive compliance documentation
  • Lead the design of third-party and vendor risk management processes
  • Drive compliance training and awareness programs across the organization
  • Stay current with emerging regulatory changes
  • Fulltime

Systems Administrator IV

Location: United States, Huntsville, Alabama
Salary: Not provided
Company: Arcfield
Expiration Date: Until further notice
Requirements
  • BS with 8-10, MS 6-8, PhD 3-5
  • Must possess and maintain an Active DoD Secret clearance
  • Expert-level experience administering Active Directory, including Domain Controllers, DNS, Group Policy, trusts, and recovery operations
  • Strong hands-on experience with Windows Server 2019/2022 and Windows 11 in domain-joined environments
  • Proven experience operating VMware vSphere and ESXi in production environments
  • Strong understanding of system hardening, STIG implementation, and vulnerability remediation
  • Experience supporting RMF and ATO processes and interacting with auditors and assessors
  • Ability to troubleshoot complex, multi-layered system issues in restricted or air-gapped environments
  • Active IAT Level II certification (Security+, etc.)
Job Responsibility
  • Lead installation, configuration, hardening, and sustainment of on-prem Windows systems, including Windows Server 2019/2022 and Windows 11, across multiple enclaves and classification levels in compliance with DISA STIGs and NIST 800-53
  • Architect, administer, and sustain Active Directory Domain Services, including domain and forest design, Domain Controller deployment and lifecycle management, replication, FSMO role management, backup and recovery, DNS, DHCP, time services, trust relationships, and cross-domain integration
  • Architect, implement, and sustain Group Policy architecture and lifecycle management, including GPO design, testing, deployment, troubleshooting, enforcement of security baselines, workstation hardening, and user, computer, and OU design aligned with least-privilege principles
  • Architect, operate, and sustain VMware vSphere and ESXi environments, including host lifecycle management, virtual networking, storage integration using NFS and/or vSAN, performance tuning, and fault recovery
  • Plan, integrate, and validate new systems and technologies in coordination with network, cybersecurity, and engineering teams while maintaining operational stability
  • Perform advanced system troubleshooting across operating systems, identity services, virtualization, and authentication layers in restricted or air-gapped environments
  • Execute vulnerability management activities, including Nessus and SCAP scanning, analysis of findings, remediation, and validation of compliance
  • Serve as the technical subject matter expert for Windows and VMware platforms only during RMF and ATO activities, assessments, inspections, and audits by providing technical responses and evidence artifacts within the systems under their responsibility
  • Develop, maintain, and enforce system documentation, security baselines, architecture diagrams, SOPs, and recovery procedures
  • Design, implement, and maintain backup, restore, disaster recovery, and continuity of operations strategies for enterprise systems and directory services
  • Fulltime