Security Control Assessor (SCA)

SupportFinity™

Machias (ME)

Remote

USD 125,000 - 135,000

Full time

Today

Job summary

A cybersecurity firm is seeking a Security Control Assessor to support federal client systems. This role involves conducting security assessments and documenting results to ensure compliance with federal cybersecurity requirements. The ideal candidate will have 3–5 years of experience and relevant industry certifications. The position is primarily remote with potential on-site work in Machias, Maine.

Benefits

Bonus and profit-sharing opportunities
3 weeks of Personal Leave
401(k) company match
Medical, Dental and Vision Insurance
Public Transportation Subsidies
Certifications and Training Allowance - $2,500/year

Qualifications

  • 3–5 years of experience in cybersecurity control assessments or related RMF activities.
  • Working knowledge of NIST RMF, FISMA, and NIST SP 800-53/53A.
  • Hands-on experience with security testing tools.
  • Strong attention to detail and thorough documentation skills.
  • Ability to work collaboratively under guidance.

Responsibilities

  • Assist in the development of Security Assessment Plans.
  • Conduct testing of implemented security controls.
  • Collect and validate evidence for assessments.
  • Document assessment results.
  • Collaborate with stakeholders to resolve issues.
  • Participate in remediation and retesting activities.

Skills

Cybersecurity control assessments
NIST RMF knowledge
Security testing tools
Attention to detail
Collaboration skills

Education

Industry certification preferred (e.g., Security+, CAP, CISA, CISSP Associate)

Tools

Nessus
Database scanners

Job description

Overview

This position is contingent upon a future opening with Gunnison. Salary: $125,000 - $135,000/year.

Work Location: This position will be primarily remote, with the possibility of on-site work requirements up to and including eventual return-to-office.

Role

The Security Control Assessor (SCA) supports Independent Security Control Assessment (ISCA) activities under RMF Step 4 for federal client systems. This role focuses on executing assessment tasks, collecting evidence, and documenting control effectiveness to ensure systems meet federal cybersecurity requirements.

Duties And Responsibilities
  • Assist in the development of Security Assessment Plans (SAPs) by identifying security controls to be tested and assessment methods.
  • Conduct testing of implemented security controls using examination, interview, and technical evaluation techniques in alignment with NIST SP 800-53A Rev. 5 and SP 800-115.
  • Collect and validate objective evidence including screenshots, logs, and configurations to support assessment results.
  • Document assessment results in test cases, checklists, and supporting artifacts.
  • Support preparation of Security Assessment Reports (SARs) by summarizing findings and mapping them to applicable NIST controls.
  • Collaborate with ISSOs, system owners, and other stakeholders to clarify scope, address discrepancies, and resolve issues.
  • Participate in remediation and retesting activities, validating fixes and updating assessment documentation.
  • Contribute to continuous monitoring by performing follow-up assessments and updating risk documentation as directed.

Requirements
  • 3–5 years of experience performing cybersecurity control assessments or related RMF activities.
  • Working knowledge of NIST RMF, FISMA, and NIST SP 800-53/53A control assessment procedures.
  • Hands-on experience with security testing tools and techniques (e.g., Nessus, database scanners, manual validation).
  • Strong attention to detail and ability to maintain thorough documentation.
  • Ability to work collaboratively under the guidance of the Lead SCA and coordinate with ISSOs and system stakeholders.
  • Industry certification preferred (e.g., Security+, CAP, CISA, CISSP Associate).

Clearance Requirement: Active Secret clearance required.

The salary range for this position depends upon multiple factors including location, the individual's knowledge, skills, competencies, and experience, and contract-specific budget constraints and organizational requirements.

Benefits
  • Gunnison’s total compensation package includes bonus and profit-sharing opportunities, depending on company and employee performance.
  • 3 weeks of Personal Leave in your first year; 11 paid Holidays each year; 5 days of Flexible Time Off each year.
  • 401(k) company match at 50% up to 10% of your salary.
  • Medical, Dental and Vision Insurance; Life and Disability Insurance.
  • Public Transportation Subsidies; Certifications and Training Allowance - $2,500/year.

Why Join Gunnison?
  • Gunnison takes on ambitious projects and pursues fun, challenging work that requires creative thinking and innovation.
  • Quality is our top priority.
  • Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
  • There is a great sense of camaraderie; we maintain this atmosphere as we grow.
  • Rapid growth offers outstanding opportunities for individual professional development.
  • We hire for careers at Gunnison, not to fill a position.

Equal Opportunity / Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.

Job code: EX-569A44FE

Job type: Full-time

Location: Machias, Washington, United States
