Security Control Assessor

 Posted 5 days ago
     
2-5 years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Conduct cybersecurity control assessments and effectiveness testing aligned with NIST CSF 2.0 for state agencies. Identify security gaps and prepare detailed findings reports and remediation recommendations.

This is a remote position.

Position Summary We are seeking an experienced Security Control Assessor (SCA) to support cybersecurity assessments for state agencies. The assessor will evaluate compliance against 108 cybersecurity controls aligned to NIST CSF 2.0 and perform effectiveness testing on approximately 40 selected controls. 
The ideal candidate has strong experience conducting cybersecurity assessments, evaluating security governance and technical safeguards, and documenting findings and recommendations in accordance with NIST cybersecurity standards. 

Key Responsibilities
• Conduct cybersecurity control assessments using 108 NIST CSF 2.0–aligned controls
• Perform effectiveness testing for ~40 administrative, technical, and operational controls
• Review policies, procedures, configurations, evidence artifacts, and operational practices
• Conduct interviews and walkthroughs with agency personnel
• Identify gaps, weaknesses, and remediation needs
• Evaluate maturity and operational effectiveness of cybersecurity controls
• Prepare findings reports, risk observations, and remediation recommendations
• Maintain detailed assessment evidence and workpapers
• Support risk discussions and provide cybersecurity best-practice guidance
• Participate in meetings with project leadership and stakeholders
• Ensure assessments follow consistent, objective, and standardized methodologies

Deliverables
• Control assessment worksheets
• Evidence review documentation
• Effectiveness testing results
• Risk and gap findings
• Remediation recommendations
• Executive and technical assessment reports

Work Location Remote, with potential onsite visits to Florida state agency locations.

Background Requirements Candidates must pass a state background investigation.

Requirements

Required Qualifications

• Bachelor’s degree in Cybersecurity, IT, Information Assurance, or related field
• Minimum 3 years conducting cybersecurity or information security assessments
• Experience with: – NIST CSF 2.0 – NIST SP 800-171 or 800-53 – Security control assessments and testing – Risk assessments and compliance evaluations
• Strong understanding of: – Governance and policy review – Identity and access management – Vulnerability management – Incident response – Logging and monitoring
• Excellent written and verbal communication skills
• Strong documentation and reporting abilities
• Ability to analyze technical and non-technical cybersecurity evidence

Preferred Qualifications 

• Experience supporting state government or public sector agencies
• Certifications: CISSP, CISA, CISM, CAP, Security+
• Experience with frameworks: NIST CSF, SP 800-171, SP 800-53, CJIS, SOC 2


Benefits

• Remote work
• Opportunity to support statewide cybersecurity initiatives
• Professional development and growth opportunities
• Collaborative and mission-driven environment

Similar Jobs

See all Remote Others jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Others

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified