Security Control Assessor

Overview

Lynch Consultants is seeking a motivated and experienced Security Control Assessor to join our team and manage IT security governance, contract compliance, and achieve ATO for Commercially available Off the Shelf (COTS) systems within a federal agency. The ideal candidate will be well-versed in NIST standards, FISMA, FedRAMP, and will ensure contract deliverables meet quality and regulatory requirements.

Work Location and

Schedule:

This position is a Hybrid role with 3 days on-site in Arlington, VA and 2 days remote.

Salary: Up to $95,000

• Guide systems through the Authorization to Operate (ATO) process, aligned with NIST Risk Management Framework (800‑37), including system categorization, control selection, testing, documentation, and authorization.
• Engage with Authorizing Officials (AOs), Information System Security Officers (ISSOs), and your team to prepare key packages (SSPP, POA&M) and achieve successful ATO.
• Ensure implementation of NIST SP 800‑53 controls; align with FIPS 199/200 for system impact levels.
• Maintain FISMA compliance: support annual reviews, continuous monitoring, and reporting per FISMA 2014 definitions.
• Adherence to FedRAMP requirements.
• Oversee contract execution: ensure deliverables meet scope, schedule, and quality metrics.
• Implement governance processes: track deliverables, manage risk, coordinate audits, and support inspections.
• Facilitate collaboration among stakeholders—technical teams, compliance officers, and agency leaders—to resolve issues and maintain contract integrity.
• Establish and manage ongoing security monitoring aligned with FISMA mandates.
• Track corrective actions through Plans of Action & Milestones (POA&M), ensuring risk is mitigated and remediations are enacted.
• Provide regular status reports to agency stakeholders and compliance authorities.
• Train internal staff and agency personnel on security protocols, compliance obligations, and ATO processes.

• MUST be a U.S. Citizen
• MUST have a BA/BS degree
• MUST be located in the D.C. Metropolitan/DMV area
• MUST be eligible to obtain a Public Trust Clearance
• MUST have demonstrated knowledge of NIST SP 800-53, FIPS 199/200, SP 800-37, and related guidelines
• MUST have a strong understanding of contract governance and execution within federal/regulatory contexts
• MUST have proven leadership in security ATOs for federal systems under RMF/NIST frameworks
• MUST have familiarity with FedRAMP

• Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), or equivalent
• Prior experience in federal contractor roles with audit and regulatory oversight
• Knowledge of additional frameworks (e.g., DoD RMF, CMMC)

At Lynch Consultants (LC), your career growth is unlimited. We offer a competitive compensation package, employer-supported 401(k), world-class health benefits, paid vacation and holidays, plus programs that support your well-being.

• Professional development and training opportunities
• Coaching, mentorship, and career flexibility
• The chance to work on meaningful projects that impact national security, healthcare, veterans, and families across the U.S.
• We’re looking for curious, versatile problem-solvers who build strong relationships and think innovatively.

Lynch Consultants, LLC is an Equal Opportunity Employer. We are a premier Federal consulting firm where your work makes a real difference. We value purpose, growth, and impact, and we proudly support and encourage applications from U.S. military veterans.