Security Control Assessor

Job not on LinkedIn

🔥 3 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Rampant Technologies

WebsiteLinkedInAll Job Openings

11 - 50 employees

Founded 2014

🔒 Cybersecurity

🏛️ Government

Cybersecurity • Government • Software

Rampant Technologies is a cybersecurity firm that specializes in providing high-quality vulnerability assessments, penetration testing, and internal audits primarily for small and midsize businesses and federal government customers. They also develop advanced software engineering solutions that integrate securely and reliably with existing systems to enhance performance and security throughout the system's life cycle.

📋 Description

• Implements, maintains, and assesses security controls supporting enterprise and government systems in alignment with approved baselines, organizational requirements, and federal cybersecurity standards. • Supports system authorization activities, including the development, maintenance, and delivery of System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and related security documentation required for Authorization to Operate (ATO) approval. • Monitors system security posture, identifies risks, vulnerabilities, and compliance gaps, and coordinates remediation activities with system owners, technical teams, cybersecurity operations, and governance stakeholders. • Supports continuous monitoring, vulnerability management, configuration management, change management, audit preparation, and security reporting activities. • Assesses the security impact of system changes and ensures systems are prepared for security assessments, audits, and Authorizing Official reviews. • Serves as a cybersecurity liaison between system teams, cybersecurity operations, and governance bodies to support secure system operations, compliance, and delivery of System Security Plans to the Y-12 Field Office for Approval to Operate.

🎯 Requirements

• Five (5+) to ten (10+) years of experience in cybersecurity, information systems security, security control assessment, ISSO support, system authorization, or programs and contracts of similar scope, type, and complexity is required. • Firm understanding of NIST SP 800-37 and NIST SP 800-53. • Experience implementing, maintaining, and assessing security controls aligned with approved security baselines and organizational requirements. • Experience supporting system authorization activities, including preparation and maintenance of System Security Plans (SSPs), POA&Ms, and other ATO-related documentation. • Experience monitoring system security posture and identifying risks, vulnerabilities, compliance gaps, and remediation requirements. • Experience tracking and managing POA&Ms and coordinating remediation activities with system owners, technical stakeholders, and cybersecurity teams. • Experience supporting continuous monitoring activities, vulnerability management, security reporting, and audit readiness. • Experience assessing the security impact of system changes and supporting configuration and change management processes. • Experience preparing systems for security assessments, audits, and Authorizing Official reviews. • Ability to serve as a security liaison between system teams, cybersecurity operations, and governance bodies. • Experience working in secure government, DOE, or federal cybersecurity environments preferred.

🏖️ Benefits

• no benefits specified