×
Register Here to Apply for Jobs or Post Jobs. X

Security Control Assessor Security Clearance

Job in Fort Belvoir, Fairfax County, Virginia, 22060, USA
Listing for: 22nd Century Technologies, Inc.
Full Time position
Listed on 2026-07-10
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Systems Engineer, IT Consultant
Job Description & How to Apply Below
Position: Security Control Assessor with Security Clearance
Job Title:

Security Control Assessor

Location:

Fort Belvoir, VA 22060
Duration:
Long-term Certification: IAT Level III Clearance:
Active Top Secret Clearance The Contractor shall provide RMF Assessment and Authorization (A&A) or Assess Only services on multiple security domains and classifications. The Contractor shall provide

• Army A&A or Assess Only services as a Security Control Assessor – Validator (SCA-V) IAW Army cybersecurity policies.
• At a minimum, the Contractor shall have knowledge and experience with Windows Server and Workstation, Architecture and Active Directory, Linux/Unix OS, cloud technologies, network architecture, databases, coding principle, eMASS, vulnerability management tools, virtual environments, containerization technologies/platforms, Dev Sec Ops  principles, and code scanning tools.

• The Contractor shall follow the NETCOM SCA TTP and applicable guidance to measure risk, compliance, and assurance, and shall implement an independent cybersecurity auditing process for application software/networks/systems, perform validation steps, compare actual results with expected results, and analyze the differences to identify impact and risks. The Contractor shall:

• Receive and complete a comprehensive assessment of A&A or Assess Only eMASS packages.

• Assist the A&A or Assess Only activity and ensure that a thorough validation occurs on all elements and security controls within eMASS.

• Complete the eMASS with the results from the assessment for each security control. [

NOTE:

The results shall include sufficient detail to identify the compliance or non-compliance of the security control.]

• Complete the Risk Assessment Report (RAR) eMASS module for each non-compliant security control. The Contractor shall have knowledge and experience with:

• A&A and Assess Only processes.

• Risk management processes.

• The current concepts and capabilities of cyber defense and vulnerability assessment tools, including open-source tools, and their capabilities.

• Known vulnerabilities from alerts, advisories, and bulletins

• The Contractor shall employ automated tools, including ACAS and software scanning tools, such as Fortify, Sonar Qube, and Twistlock, to evaluate a system’s security status and compliance with DISA STIGs in containerized and virtual environments. The Contractor shall also be able to evaluate systems that do not have these tools for emerging technologies, such as Cloud and Tactical systems.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary