Swingtech

Security Control Assessor, Top Secret/SCI

Swingtech

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Job Level

SeniorLead

Tech Stack

Cyber SecurityTypeScript

About the role

  • Evaluate and validate System Security Plans (SSPs), Security Assessment Plans (SAPs), and Security Assessment Reports (SARs)
  • Assess security controls per NIST SP 800-53, CNSSI 1253, and related DoD cybersecurity guidance
  • Perform control inheritance analysis and assess system-level security postures
  • Conduct comprehensive risk assessments and provide risk acceptance recommendations
  • Review and advise on Plan of Action and Milestones (POA&M) remediation strategies
  • Review security authorization packages and provide recommendations to support Authority to Operate (ATO) decisions
  • Support continuous monitoring strategies and ongoing assessment activities
  • Perform technical testing and analysis of implemented security controls to identify vulnerabilities
  • Recommend mitigation strategies and track remediation progress
  • Participate in system walkthroughs, site surveys, and technical reviews
  • Prepare executive-level and technical briefing materials
  • Document security findings and recommendations in formal reports
  • Ensure cybersecurity assessment activities align with AFRL/RI mission objectives and RMF lifecycle stages

Requirements

  • Active Top Secret/SCI (TS/SCI) clearance
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, or related technical field (Master’s preferred)
  • 10–15 years of experience in cybersecurity, information assurance, or risk management, including direct RMF assessment and authorization support for DoD or Intelligence Community systems
  • Expertise in NIST SP 800-37, 800-53, 800-137; CNSSI 1253; DoD 8500-series policies and RMF guidance
  • Proven Assessment & Authorization (A&A) experience under RMF
  • Strong understanding of system categorization, control selection, implementation, and assessment methodologies
  • Ability to work independently and collaborate with system owners, ISSOs, ISSMs, and Authorizing Officials
  • Excellent technical writing, analytical, and communication skills
  • Industry certifications such as CISSP, CAP, CISM, or GSNA strongly preferred