Control Validation Security Specialist Posted: 07/24/2025 Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel – and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we’ve described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Control Validation Security Specialist Responsibilities: + Under general supervision, performs IT audits on complex information systems, applications, and enclaves to ensure that appropriate controls exist, are correctly implemented, and that procedures comply with Federal and DOD standards. + Conducts accurate evaluation of the level of security required. + Performs procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. + Provide guidance and assistance in the formulation and implementation of audit readiness issues requiring new approaches, establishment of precedents, or the interpretation of controversial law, regulation, or past practice. + Supports the Financial Statement Audit, Annual Statement of Assurance, SSAE-18 Audit, and the Audit Logging eOPR. + Provides technical support in the areas of vulnerability assessment, risk assessment, network security, and security implementation. + Provides technical evaluations of customer systems and assists with making security improvements. + Conducts cybersecurity control validation exercises on unclassified networks, applications, and systems to validate the effectiveness of current security measures. + Understands the concept of weighing business needs against security concerns and analyzes applied mitigations to evaluate whether they meet security requirements. Basic Qualifications: + Two (2) years of experience working with DOD1 8500.2 or NIST SP 800-53 and understanding of the principles of the risk management framework. + Strong analytical and problem-solving skills for resolving security issues. + Proficiency in basic analytical software such as Microsoft Excel and Access, proficiency with the + Microsoft Office suite, to include Word, PowerPoint + Understanding of Enterprise Mission Assurance Support Service (eMASS) + Understands the concept of weighing business needs against security concerns. + Experience analyzing applied mitigations to evaluate whether they meet security requirements. + Experience with technical report writing and ability to provide evidentiary matter associated with findings and recommendations + Knowledge of RMF (800-53 rev5) + Relevant certification from a nationally recognized authority + DoD Approved 8570 Baseline Certification: Minimum of IAT-II + Previous SCAR or Auditor experience preferred. + Previous experience with FISCAM 2024 a plus. + Knowledge of Enterprise Log Management Systems and other systems as appropriate for log reviews, also a plus. All qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, national origin, age, citizenship, disability, or Veteran status. Additionally, the company provides reasonable accommodations to qualified individuals with disabilities.