We’re hiring Senior NIST 800-53A Security Control Assessors for multiple federal assessment projects kicking off between
⚠️ This is NOT a general GRC or compliance role.
We are specifically looking for professionals who have hands-on experience executing full NIST 800-53A assessments, not just mapping controls or supporting audits.
What you’ll actually be doing:
• Developing Security Assessment Plans (SAP) with defined testing procedures (Inspect / Interview / Test)
• Conducting control assessments across all control families (technical + administrative)
• Interviewing control owners and validating implementation statements in SSPs
• Performing evidence-based testing (logs, configurations, artifacts)
• Writing Security Assessment Reports (SAR) with formal findings and risk ratings
• Building POA&M entries tied to identified control deficiencies
🚫 Not a fit if your experience is limited to SOC 2, ISO 27001, or third-party risk management without hands-on 800-53A assessment execution.
Requirements
What we’re looking for:
• 5+ years of direct experience performing NIST 800-53A assessments
• Proven ownership of SAP and SAR deliverables
• Strong experience designing and executing control testing procedures
• Background in RMF, FedRAMP, FISMA, or CMS ARS frameworks
• Ability to independently validate controls beyond documentation review
Nice to have:
• Experience with CMS ARS / ARC-AMPE baseline
• Strong Excel-based evidence mapping and tracking
Benefits
As a lean, growing firm, we prioritize results over red tape, offering you a direct seat at the table and a clear path for career progression as we scale. You won’t be just a number here; you’ll have the autonomy to make a visible impact on the business from day one.