MBL Technologies Inc.

Senior Security Control Assessor, SCA

full-time

Origin: 🇺🇸 United States • District of Columbia, Virginia, Washington


Job Level

Senior

Tech Stack

Cyber Security, JavaScript

About the role

  • Conduct independent, comprehensive assessments of management, operational, and technical security/privacy controls per NIST SP 800-37
  • Perform security reviews to identify architectural gaps and provide recommendations for risk mitigation
  • Conduct risk analyses (threats, vulnerabilities, probability of occurrence) during significant system/application changes
  • Plan and execute security authorization reviews, assurance case development, and audits for system installations and networks
  • Provide input to the Risk Management Framework (RMF) and related documentation, including lifecycle support plans, CONOPS, and operational procedures
  • Review authorization packages and assurance documents to confirm acceptable risk levels for systems, applications, and networks
  • Verify that system, network, and application security postures are implemented as designed, documenting deviations and recommending corrective actions
  • Assess the effectiveness of implemented security controls across management, operational, and technical areas
  • Support compliance activities by ensuring security configuration guidelines and standards are followed
  • Evaluate configuration management and release processes for security impacts
  • Define/document how new systems or interfaces affect the organization’s current security posture
  • Develop security compliance processes and perform audits of external services (e.g., CSPs, data centers)
  • Ensure Plans of Action & Milestones (POA&Ms) and remediation plans are established for vulnerabilities
  • Participate in Risk Governance processes by presenting risks, mitigations, and technical assessments
  • Support acquisition and procurement efforts to ensure information security requirements are integrated
  • Produce reports, briefings, and technical documentation reflecting assessment results and recommendations
  • Role is mostly remote with occasional onsite meetings in the Arlington area; contingent on contract award; no travel reimbursements allocated

Requirements

  • 7+ years of relevant IT/cybersecurity experience
  • Advanced degree in a technical/cyber-related field (or equivalent experience/certifications)
  • Proficiency in assessing security controls against standards (e.g., NIST SP 800-53, CIS CSC, Cybersecurity Framework)
  • Strong skills in vulnerability scanning, penetration testing principles, and interpreting results
  • Ability to conduct risk, impact, and compliance assessments
  • Skill in technical documentation, briefings, and audit reporting
  • Proficiency in security architecture review and system design evaluation
  • Knowledge of secure coding principles and application security (e.g., OWASP Top 10)
  • Experience applying confidentiality, integrity, and availability principles to systems and networks
  • Familiarity with compliance frameworks and security assessment tools
  • Strong analytical, technical writing, and communication skills
  • Ability to evaluate and synthesize risk assessment data into actionable findings
  • Ability to clearly communicate technical and risk information to technical and non-technical audiences
  • Ability to assess vulnerabilities and recommend corrective actions
  • Ability to apply judgment in ambiguous or evolving situations
  • Ability to interpret and apply relevant cybersecurity laws, regulations, and policies
  • Ability to collaborate across teams and work effectively with external service providers
  • Ability to design, conduct, and evaluate test plans, assessments, and compliance audits
  • Ability to lead complex assessments, provide strategic recommendations, and advise leadership on enterprise-wide security control effectiveness
  • Knowledge of Risk Management Framework (RMF) and Security Assessment & Authorization (SA&A) processes
  • Working knowledge of government compliance standards and assessment processes (e.g., NIST SP 800-161, FISMA, FedRAMP)
  • Familiarity with cyber defense and vulnerability assessment tools
  • MILITARY OCCUPATIONAL SPECIALTY CODES (MOS codes): 170A, 170D, 17A, 17B, 17C, 17D, 24B, 25B, 47D, 94F, IT, 17 5309, 6203, 9735, 9740, 9890, 9891