Required Qualifications:Education: Bachelor's degree and 8+ years of experience, or Master's and 6+ years of experience, or PhD and 3+ years of experience. A degree in one of the following fields of study is highly desired: Information Technology, Computer Science, Cybersecurity, Information Systems, Software Engineering, or Data Science. However, an additional 4 years of relevant experience or specialized training may be considered in lieu of Bachelor's degree.Security Clearance: Active Top Secret with SCI eligibility.Certifications: Active IAT Level II certification (CompTIA Security+ preferred).Must have knowledge of enterprise solutions across multiple cloud operating environments (JWICS, SIPRNET, NIPRNET, and commercial Internet).Must have eMASS, ACAS, and ISC2 Certified Cloud Computing Professional (CCSP) or CompTIA Cloud+ experience.Must have knowledge in the following areas: Knowledge of computer networking and/or cloud computing concepts and protocols, and network security methodologies.Knowledge of cyber threats and vulnerabilities in a virtualized environment.Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.Knowledge of risk management framework processes (e.g., methods for assessing and mitigating risk).Knowledge of specific operational impacts of cybersecurity lapses.Knowledge of industry methods for evaluating, implementing, and disseminating Information Technology (IT) security assessment, monitoring, detection, and remediation tools and procedures using standards-based concepts and capabilities.Knowledge of cyber defense and vulnerability assessment tools, including opensource tools, and their capabilities.Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data in a cloud environment.Knowledge of IT and cloud computing security principles and methods (e.g., firewalls, demilitarized zones, encryption).Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.Knowledge of network and/or cloud computing environment security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).Knowledge of penetration testing principles, tools, and techniques..Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return oriented attacks, malicious code).Knowledge of the Security Assessment and Authorization process.Skill in determining how a security and/or cloud computing security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.Skill in discerning the protection needs (i.e., security controls) of information systems and networks and those relating to cloud computing.Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard IT) for safety, performance, and reliability.We are seeking an experienced Security Control Assessor Representative to accomplish the following:Conduct assessments and facilitate risk mitigation planning.Provide Assessment and Authorization (A&A) for the ARCYBER cloud infrastructure.Execute a security control assessment plan and update the System Security Plan.Review vulnerability scans and remediation.Implement risk management programs by utilizing NIST, FISMA, HIPAA, and PII -- and document solutions.Monitor the privacy landscape regarding all data (privacy, protection, classification, and residency).Assist clients with identifying gaps within existing privacy programs and designing solutions to help address those challenges.Scan, test, and validate systems/networks/applications to obtain/maintain an ATO under NIST/FISMA guidelines.*This position requires full-time, onsite attendance Monday through Friday in the Baltimore metropolitan area.#J-18808-Ljbffr
Required Qualifications:Education: Bachelor's degree and 8+ years of experience, or Master's and 6+ years of experience, or PhD and 3+ years of experience. A degree in one of the following fields of study is highly desired: Information Technology, Computer Science, Cybersecurity, Information Systems, Software Engineering, or Data Science. However, an additional 4 years of relevant experience or specialized training may be considered in lieu of Bachelor's degree.Security Clearance: Active Top Secret with SCI eligibility.Certifications: Active IAT Level II certification (CompTIA Security+ preferred).Must have knowledge of enterprise solutions across multiple cloud operating environments (JWICS, SIPRNET, NIPRNET, and commercial Internet).Must have eMASS, ACAS, and ISC2 Certified Cloud Computing Professional (CCSP) or CompTIA Cloud+ experience.Must have knowledge in the following areas: Knowledge of computer networking and/or cloud computing concepts and protocols, and network security methodologies.Knowledge of cyber threats and vulnerabilities in a virtualized environment.Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.Knowledge of risk management framework processes (e.g., methods for assessing and mitigating risk).Knowledge of specific operational impacts of cybersecurity lapses.Knowledge of industry methods for evaluating, implementing, and disseminating Information Technology (IT) security assessment, monitoring, detection, and remediation tools and procedures using standards-based concepts and capabilities.Knowledge of cyber defense and vulnerability assessment tools, including opensource tools, and their capabilities.Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data in a cloud environment.Knowledge of IT and cloud computing security principles and methods (e.g., firewalls, demilitarized zones, encryption).Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.Knowledge of network and/or cloud computing environment security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).Knowledge of penetration testing principles, tools, and techniques..Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return oriented attacks, malicious code).Knowledge of the Security Assessment and Authorization process.Skill in determining how a security and/or cloud computing security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.Skill in discerning the protection needs (i.e., security controls) of information systems and networks and those relating to cloud computing.Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard IT) for safety, performance, and reliability.We are seeking an experienced Security Control Assessor Representative to accomplish the following:Conduct assessments and facilitate risk mitigation planning.Provide Assessment and Authorization (A&A) for the ARCYBER cloud infrastructure.Execute a security control assessment plan and update the System Security Plan.Review vulnerability scans and remediation.Implement risk management programs by utilizing NIST, FISMA, HIPAA, and PII -- and document solutions.Monitor the privacy landscape regarding all data (privacy, protection, classification, and residency).Assist clients with identifying gaps within existing privacy programs and designing solutions to help address those challenges.Scan, test, and validate systems/networks/applications to obtain/maintain an ATO under NIST/FISMA guidelines.*This position requires full-time, onsite attendance Monday through Friday in the Baltimore metropolitan area.#J-18808-Ljbffr
Government Careers
Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
MORE JOBS
-
Elite Full-Spectrum GEOINT Analyst for DoD Ops
- Raleigh, North Carolina
- CACI International Inc
- Jul 02, 2026
-
Senior Test Systems Engineer - DoD MBSE & Verification
- Tucson, Arizona
- Raytheon
- Jul 02, 2026
-
Entry-Level Customs and Border Protection Officer (GS-5/7)
- Columbus, Ohio
- U.S. Customs and Border Protection
- Jul 02, 2026
-
Industrial Security Lead - FSO for Cleared Programs
- Arlington, Virginia
- FORTERRA
- Jul 02, 2026
-
Traffic Control Flagger
- Maryville, Tennessee
- AWP Safety
- Jul 02, 2026
-
Air Interdiction Agent New Hire Sign-On Incentives
- Slidell, Louisiana
- U.S. Customs and Border Protections
- Jul 02, 2026