Security Control Assessor III
Listed on 2026-06-28
-
IT/Tech
Cybersecurity, Information Security
Position Overview
Category: Cyber Security
Location: Washington, DC;
Fairfax, VA;
Lafayette, LA;
Knoxville, TN (Hybrid model available)
Position : J
Employment Type: Full Time
The Security Control Assessor III serves as the senior authority for complex security assessments across Treasury systems. This role provides independent evaluation of NIST SP 800-53 control implementations and delivers authoritative risk determinations for Authorizing Officials. You will ensure rigorous assessment quality, leverage FedRAMP/Cloud expertise, and provide high-impact analysis for system authorization and enterprise compliance.
Future Duties and Responsibilities- Lead comprehensive control testing, including cloud, hybrid, and classified system assessments.
- Develop SAPs, assess security controls, validate control inheritance, and produce SARs.
- Conduct HVA assessments and support DHS/OMB compliance.
- Evaluate AI models for algorithmic bias, adversarial vulnerabilities, and explainability.
- Validate remediation effectiveness and POA&M closure accuracy.
- Support ATO packages with documented risk findings and recommendations.
- Provide independent verification of security engineering outcomes.
- Bachelor's degree in Cybersecurity or a related field.
- 9 years of security control assessment experience.
- Proficiency with NIST SP 800-115, MITRE ATT&CK, and CNSSI 1253.
- CAP or CISSP certification.
- Experience supporting FedRAMP High, HVA, or national security systems.
- Familiarity with AI testing and red teaming.
The estimated compensation range for this role in the U.S. is $ – $. Compensation is determined based on skills, experience, training, and certifications.
CGI offers a comprehensive benefits package including:
- Competitive compensation and insurance options.
- 401(k) matching and share purchase plans.
- Paid time off, holidays, and parental leave.
- Tuition assistance and professional development.
- Wellness and well-being programs.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).