FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Security Assessment Lead
QuesTek Europe ABSecurity Assessment Lead responsible for leading independent risk and vulnerability assessments at OCH Technologies. Overseeing technical authority in executing assessments and maintaining compliance.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates extensive expertise in cybersecurity assessments, including risk and vulnerability management, while leading teams to ensure compliance with NIST standards and producing actionable remediation strategies. Proven ability to mentor staff and manage complex assessment projects in safety-critical environments.
Highest-signal resume keywords
NIST SP 800-53AVulnerability Assessment ToolsRisk Management Framework (RMF)Cybersecurity Certification (CISSP, CISA, etc.)Leadership and Team Development
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Cybersecurity ExperienceRisk AssessmentVulnerability AssessmentSystem Security Assessment Reports (SARs)Plans of Action and Milestones (POAMs)NIST SP 800-53NIST SP 800-37Technical DocumentationAnalytical SkillsProblem-Solving Skills
Soft Skills
Written CommunicationVerbal CommunicationTeam DevelopmentLeadershipTime Management
Tools & Technologies
NessusWebInspectAppDetective ProNMapTcpdump
Certifications & Qualifications
CISSPGCEDCompTIA CASP+CISACAP (Certified Authorization Professional)
Industry Keywords
Operational Technology (OT)Industrial Control Systems (ICS)Safety-Critical InfrastructurePublic Trust ClearanceNIST Compliance
Tech Stack
Tools & technologiesCyber Security
About the role
Key responsibilities & impact- Serve as primary technical POC for all security assessments, vulnerability assessments, and analyses of alternatives under the contract
- Lead assessment planning and coordination at FAA facilities nationwide, including developing System Security Assessment Test Plans and managing pre- and post-assessment activities
- Personally lead complex or high-visibility assessment events
- Ensure all assessments use the three NIST 800-53A methods (Examine, Interview, Test) and produce compliant SARs
- Develop and maintain vulnerability scanning strategies including Tactics, Techniques, and Procedures (TTPs)
- Evaluate and recommend scanning tools and configurations for NAS and Mission Support environments
- Conduct risk translation from assessment findings and develop draft Plans of Action and Milestones (POAMs) with actionable remediation guidance
- Lead regression assessment activities to validate that patches, fixes, and configuration changes mitigate previously identified vulnerabilities
- Attend all Program Management Reviews and report on assessment status, deliverable timelines, and technical issues
- Mentor and develop junior assessment staff
- Build a team culture where analysts take ownership of their assigned systems and drive assessments to completion independently
- Coordinate with NAS system owners, FAA facility staff, AIT/AIS, and ACG to schedule assessments and resolve access and logistical issues
- Ensure assessment work in NAS operational environments follows safety protocols.
Requirements
What you’ll need- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, Mathematics, or Physics from an accredited institution
- At least fifteen (15)+ years of cybersecurity experience
- Minimum of five (5) years of management and supervisory responsibility leading risk and vulnerability assessment teams
- At least two (2) years of relevant experience performed within the last 3 years
- Demonstrated track record of successful completion of multiple independent risk assessments and vulnerability assessments on complex, multi-system environments
- Deep working knowledge of NIST SP 800-53 (Rev. 4/5), NIST SP 800-53A, NIST SP 800-37 (RMF), and FIPS-199 security categorization
- Hands-on experience with vulnerability assessment tools including Nessus, WebInspect, AppDetective Pro, nMap, and Tcpdump
- Experience developing System Security Assessment Reports (SARs), Plans of Action and Milestones (POAMs), and assessment test plans
- Experience working in Operational Technology (OT), Industrial Control Systems (ICS), or other safety-critical infrastructure environments
- Candidate must have the ability to obtain and maintain a Public Trust Active Secret level clearance preferred
- Current cybersecurity certification aligned with security assessment and risk management disciplines, including CISSP, GCED, CompTIA CASP+, CISA, or an equivalent
- CAP (Certified Authorization Professional) or equivalent RMF certification preferred.
- Strong written and verbal communication skills with the ability to produce clear, defensible, and actionable technical documentation
- Proven leadership and team development capabilities
- Ability to manage multiple assessment efforts simultaneously while maintaining quality standards
- Strong analytical and problem-solving skills
- Ability to work effectively with government stakeholders, technical teams, and senior leadership.
Benefits
Comp & perks- Paid time off and Holidays
- Medical, Dental, and Vision Insurance
- Paid Parental Leave
- Short-term disability, long-term disability, and life insurance - Employer Paid!
- 401(k)
- Additional Voluntary Life Insurance
- Tuition Reimbursement & More!