Security Control Assessor Per Federal Contract U.S. Citizenship Required Must be able to pass federal background check for DOJ Public Trust Clearance Onsite ONLY- Washington, DC (5 days a week on-site) Candidates with Active DOJ Clearance are encouraged to apply Start Date 1/26/2026 No telework allowed $85.78/hr W2 ONLY This role will involve performing security control assessments, utilizing the NIST Risk Management Framework (RMF), and supporting the overall cybersecurity efforts to safeguard DOJ systems and information. The ideal candidate will have a strong background in security control assessments, specifically utilizing the NIST RMF and related publications. This is an on-site position based in the D.C. area with occasional travel. Responsibilities: -Perform security control assessments using the NIST Risk Management Framework (RMF) for DOJ ATR systems. -Leverage the Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM) to conduct assessments, manage security controls, and provide recommendations. -Collaborate with Information System Security Officers (ISSOs) and other teams to obtain required information and support system security assessments. -Develop and maintain Plans of Actions and Milestones (POAMs) and provide recommendations for mitigating security risks. -Review and assess system security documentation, including System Security Plans (SSPs), security assessments, and continuous monitoring activities. -Conduct vulnerability management activities, including assessing remediation efforts and verifying controls. -Provide recommendations on account management, configuration management, incident response, cloud computing environments, and contingency planning. -Maintain and update knowledge of federal security requirements and industry standards. -Work independently and manage tasks effectively while maintaining flexibility to adapt to changes in tasking. Personal Skills: -Analytical: Ability to assess complex security issues and propose solutions. -Independent: Able to work autonomously with little to no supervision. -Team-Oriented: Collaborates effectively with ISSOs and other stakeholders. -Flexible: Adaptable to changes in priorities or tasking. -Inquisitive: Strong ability to ask the right questions to gather information and clarify requirements. -Outgoing: Comfortable interacting with multiple teams to gather necessary information and support security efforts. Job Requirements: Education & Experience: -Bachelor's degree with 8+ years of relevant experience. Additional experience may be considered in lieu of a degree. -Minimum of 3 to 5 years performing security control assessments using the NIST Risk Management Framework (RMF). -Experience with or Federal Law Enforcement Agency organizations is preferred but not required. -Knowledge of NIST Risk Management Framework (RMF): -SP 800-53A Rev. 5: Assessing Security and Privacy Controls in Information Systems and Organizations -SP 800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations -SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations -SP 800-137: Information Security Continuous Monitoring (ISCM) -SP 800-18 Rev. 1: Guide for Developing Security Plans for Federal Information Systems -FIPS 200: Minimum Security Requirements for Federal Information and Information Systems -FIPS 199: Standards for Security Categorization of Federal Information and Information Systems -Experience with Joint Cybersecurity Authorization Management (JCAM) system (formerly CSAM): -Use of JCAM for assessment and management of security controls for Federal LEA systems. -In-depth Knowledge in the following principles: -Account Management -Configuration Management -Vulnerability Management -Identity Credentials and Authorization Management -Contingency Plans/Planning -Audit and Accountability -Incident Response -Media Protection -Cloud Computing Environments -POAM Creation and Management Additional Qualifications: -Active Public Trust clearance or ability to obtain one. -Ability to travel up to 25% for site assessments, meetings, and other required duties. Ref: #850-Rockville (ALTA IT) System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan. System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.