Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google, Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for nearly 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

We are looking for a Security Control Assessor to join our team in Washington D.C./Maryland. (currently remote)

You’ll facilitate Security Control Assessments (SCAs) and possibly other advanced-level Continuous Monitoring Activities within cloud-based environments. To succeed in this position, you’ll need a strong understanding of security-related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. You will work in a team atmosphere and you’ll be assigned technical sections and be able to provide client-ready deliverables.

In this role as a Security Control Assessor you will:

• Help government agencies understand the level of risk associated with security control implementation.
• Support independent verification and validation (IV&V) and similar types of assessments e.g., targeted assessment, security impact analysis.
• Review system security plans and other related documentation.
• Produce a security assessment plan (SAP) and security assessment report (SAR)
• Utilize XACTA 360 to document assessment results.
• Provide oversight of assessment teams to ensure timelines and quality meet expectations.
• Provide recommendations to customer on how their program or system could be improved.
• Review system vulnerability scanning reports and support mitigation recommendations.

• Minimum 5 to 7+ years of professional experience supporting cybersecurity programs in an assessor capacity
• Bachelor’s Degree from an accredited college or university
• Strong understanding of FIMSA and NIST Risk Management Framework requirements
• NIST 800-53 subject matter expert
• Ability to work independently, help lead others, support direction of small teams
• One or more of the following certifications: CISSP, CISM, CGEIT, CRISC, Security+, or CEH
• Communication, organizational, and problem-solving skills
• Effective writing skills
• Ability to work independently and as part of a team
• Professional attitude and demeanor
• Knowledge of FISMA, OMB circulars (A-130), NIST 800-37, 800-53, and related publications
• Support to continuous monitoring
• Support to developing and/or updating security artifacts related to the risk management framework.
• Information Technology related degree (or equivalent experience)
• Experience with MS Office Suite
• Critical thinking, and ability to balance security requirements with mission needs

assionate problem-solvers who are hungry to learn, grow, and contribute. That’s what it takes to be a part of the Coalfire team. We work together to tackle the toughest cybersecurity challenges and help our clients become more secure and successful. We are trusted advisors who are committed to shaping our industry. At Coalfire, our people have the opportunity to expand their minds and skills, build meaningful relationships with the industry’s smartest minds, and have a direct impact on our company’s success. 

Along with energetic culture and supportive environment, you’ll have the flexibility to balance your personal and work life and grow personally and professionally. We work hard, and we play hard – and the two often overlap, and we’re active in our communities. Plus, we offer great benefits, including:

• Health, dental, and vision insurance with an employer contribution
• Flexible paid time off  
• A generous 401(k) plan
• A corporate wellness program
• Tuition reimbursement
• Certification reimbursement

Coalfire is an EEO employer. We celebrate diversity and are committed to respecting one another, embracing individual differences, and creating an inclusive environment for all employees.