[Hiring] Security Controls Assessor @Valiant Solutions

Role Description

Valiant Solutions is seeking a Security Controls Assessor to join our rapidly growing and innovative cybersecurity team!

The Security Controls Assessor will lead hands-on technical security control assessments and provide FISMA and FedRAMP subject matter expertise for our government client’s information systems. The role guides assessment teams through:

• Security Assessment and Authorization (SA&A)
• Annual Security Controls Assessment (ASCA)
• Event-Driven assessments against NIST SP 800-53

This role produces audit-defensible packages and mentors junior analysts.

The Security Controls Assessor can expect 100% telework. Remote work requires a high level of trust in our employees, and we strictly adhere to the details outlined in our Remote Work Policy.

Qualifications

• Five (5) or more years of progressively responsible experience in information security, security control assessment, or cyber risk management.
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Engineering, or a related field, or an additional three (3) to five (5) years of relevant experience in lieu of a degree.
• Demonstrated hands-on experience assessing NIST SP 800-53 controls and producing A&A artifacts (System Security Plan, Security Assessment Plan, Security Assessment Report, Security Controls Traceability Matrix, and Plan of Action and Milestones).
• Knowledge of FISMA, the NIST Risk Management Framework (NIST SP 800-37), FedRAMP, ISCM, and CDM.
• Demonstrated experience with technology risk assessments, security engineering, and security architecture principles.
• Experience with cloud systems, cloud service providers, and FedRAMP requirements.
• Experience with GRC platforms (e.g., Qmulos Q-Compliance, ServiceNow GRC), SharePoint, scanning tools, and SIEM (e.g., Splunk).
• Familiarity with FIPS 199 security categorization and privacy control assessment.
• Strong written and verbal communication and stakeholder engagement skills.

Requirements

• Lead hands-on technical NIST SP 800-53 security control assessments, including applicable overlays (e.g., high-value assets, artificial intelligence, critical software, and FedRAMP).
• Serve as a FISMA and FedRAMP technical subject matter expert across SA&A, ASCA, and Event-Driven Security Controls Assessment efforts.
• Guide the Discovery, Assessment, Risk Validation, and Finalization stages, including Security Assessment Plan development, evidence collection, control assessment meetings, and Security Assessment Report finalization.
• Coordinate and conduct stakeholder meetings and findings reviews, and brief stakeholders on draft Security Assessment Report findings and risk decisions.
• Maintain and update assessment package templates for consistency and compliance.
• Assess the impact of new laws, regulations, policies, and guidance on the client’s assessment requirements and recommend process changes.
• Provide day-to-day technical direction and mentorship to other security analysts.
• Incorporate threat modeling and threat hunting into the assessment process to proactively identify and mitigate risks.
• Recommend automation approaches to improve assessment efficiency and accuracy.
• Support FedRAMP package reviews for cloud efforts and responses to data calls and audits.
• Provide knowledge transfer and upskilling to federal staff.

Benefits

• Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees.
• Valiant contributes 25% towards Health Coverage for Family and Dependents.
• 100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees.
• 100% Paid Certifications.
• 401K Matching up to 4%.
• Paid Time Off.
• Paid Federal Holidays.
• Wellness & Fitness Program.
• Valiant University – Online Education and Training Portal.
• FSA programs for: Medical Costs, Dependent Care, Transit, and Parking.
• Referral Bonuses.