Security Controls Assessor

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 

 

• Assessment Execution: Plan and execute comprehensive security control assessments in accordance with frameworks like the Risk Management Framework (RMF) and FISMA.
• Testing & Evaluation: Review system configurations, evaluate evidence, and perform technical testing (e.g., vulnerability scanning) to validate security posture.
• Documentation & Reporting: Compile assessment results into Security Assessment Reports (SARs) and generate risk determinations for Authorizing Officials (AOs).
• Remediation & Tracking: Identify control weaknesses and support the development of Plans of Action and Milestones (POA&Ms).
• Team Leadership: Guide junior assessors, review deliverables, and coordinate assessment activities with ISSOs, system owners, and stakeholders.

• US Citizenship is required for this role.
• Education: Bachelor’s degree in cybersecurity, computer science, information systems, or a related field.
• Experience: 5+ years of hands-on experience in cybersecurity, audit, or compliance, with specialized focus on RMF and NIST 800-series publications.
• Regulatory Expertise: Deep understanding of statutory guidance such as NIST SP 800-53, NIST SP 800-53A, and FISMA.
• Certifications: Industry-recognized credentials such as the Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Authorization Professional (CAP).
• Background Investigation: This role requires a Federal background investigation.  A current or prior DHS suitability is highly preferred.

401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  

Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  

Group Term Life, Short-Term Disability, Long-Term Disability  

Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  

Participation in the Discretionary Time Off (DTO) Program  

11 Paid Holidays Annually 

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.

If you want to make an impact, UltraViolet Cyber is the place for you!