Security Control Assessor | Req#3172

Washington, DC


ActioNet has an immediate opportunity for a Security Control Assessor requiring a Public Trust in The Washington DC metropolitan area. ActioNet is an IT service provider and solutions integrator headquartered in Vienna, VA, that works with the Federal Government and the Department of Defense. In this role, you will conduct independent, comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37). You will also assist in developing and implementing data access security safeguards and protective measures to protect computer data from internal and/or external users.  

As a member of the Cyber security team, you will provide advice and counsel to an IT service delivery organization providing and supporting IT infrastructure. 

What is in it for you?

  • Opportunity to join a dynamic team helping to advance climate research by securing data collection systems and infrastructure
  • Opportunity to join ActioNet, named the best place to work each year for 9th year in a row
  • Generous salary and competitive benefits

Duties and Responsibilities

  • Develop methods to monitor and measure risk, compliance, and assurance efforts. 
  • Develop specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability requirements at the software application, system, and network environment level. 
  • Draft statements of preliminary or residual security risks for system operation. 
  • Maintain information systems assurance and accreditation materials. 
  • Monitor and evaluate a system's compliance with information technology (IT) security, resilience, and dependability requirements. 
  • Assess the effectiveness of security controls. 
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. 
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy. 
  • Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. 
  • Plan and conduct security authorization reviews and assurance case development for installing systems and networks. 
  • Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations. 

Basic Qualifications:

  • 5+ years of experience as a Security Controls Assessor for the Federal government 
  • Experience should include an independent assessment overview of the implementation of the policy and procedures associated with the enterprise system software, security on Windows and UNIX/Linux servers, and the analysis of security vulnerabilities identifying recommendations for the remedy of the particular environment.
  • Experience in developing and implementing policies, standards, and guidelines covering data security, disaster recovery, continuity of operations, and contingency planning.
  • Must actively hold at least one of the following certifications: CompTIA A+, CompTIA Network+, CompTIA Security+, GCIH, GSEC, GSE, GISP, GSLC, CAP, SSCP, CISSP, CISA

Preferred Qualifications:

  • Higher level of the certifications listed above
  • Certification in Assessment and Authorization (A&A)
  • Training in one or more of the following areas: FedRAMP, ITILv3, McAfee, Microsoft Azure Cloud, Nessus, NIST RMF, Penetration Testing, Plan of Action and Milestones (PO&AMs), Privacy Impact Assessment (PIA), Privacy Threshold Analysis (PTA)
  • Experience in marine or aviation industries
  • Bachelor’s Degree in IT or a related field from an accredited college or university
  • Possess or be eligible to obtain and maintain a Secret Security Clearance

ActioNet is a CMMI-DEV Level 4, CMMI-SVC Level 4, ISO 20000, ISO 27001, ISO 9001, HDI-certified, woman-owned IT Solutions Provider with strong qualifications and expertise in Agile Software Engineering, Cloud Solutions, Cyber Security and IT Managed Services.   With 24+ years of stellar past performance, ActioNet is the premier Trusted Innogrator!

Why ActioNet?

At ActioNet, our Passion for Quality is at the heart of everything we do:

ActioNet is proud to be named a Top Workplace for the ninth year (2014 - 2022).   We have 98% of Customer retention rate.  We are passionate about the inspirational missions of our customers, and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health, and well-being of our nation.

What's in It For You?
As an ActioNeter, you get to be part of an exceptional team and a corporate culture that nurtures mutual success for our customers, employees, and communities. We give you the tools to be successful; all you need to do is bring your best ideas, your energy, and a desire to develop your skills, experience, and career.  Are you ready to make a difference?

ActioNet is an equal opportunity employer and values diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.