Senior Control Assessment Analyst jobs in United States
info-icon
This job has closed.
company-logo

Ampcus Inc · 5 months ago

Senior Control Assessment Analyst

positionWashington, DC
timeFull-time
remoteOnsite
senioritySenior Level
money$60/hr - $80/hr
date5+ years exp

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. They are seeking a Senior Control Assessment Analyst to provide security subject matter expertise, develop methodologies, maintain assessment schedules, and conduct control assessments for information systems. The role involves aligning assessment methodologies with NIST standards and managing ongoing authorizations and assessments.

Data ManagementInformation Technology
check
H1B Sponsor Likelynote

Responsibilities

The Board’s Assessment and Authorization (A&A) program operates in alignment with the NIST Risk Management Framework (RMF) as outlined in the current release of NIST SP 800-37
The objective of the Control Assessment task is to provide security subject matter expertise to develop A&A methodologies, maintain accurate assessment schedules, and conduct control assessment activities for newly developed or acquired information systems, as well as for systems and common controls in ongoing authorization
Develop a methodology for conducting control assessments for software-as-a-service (SaaS) solutions operated by a vendor on behalf of the Board that have not received FedRAMP authorization, and for assessing external organizations and systems that process, store, or transmit Board information
Align these assessment methodologies with principles set forth in FISMA, OMB, and NIST standards and publications, and consider efficient and cost-effective means of assessment to allow Board senior leaders and stakeholders to make risk-based authorization decisions
Develop and maintain a Master Assessment Schedule that tracks new information systems requiring full control assessments and existing information systems and common controls under ongoing authorization in the continuous monitoring phase of the RMF
Ensure the Master Assessment Schedule adjusts estimated completion dates in real-time to account for unplanned assessments, changes in prioritization, delays, or changes in resource availability, enabling Board security staff to provide stakeholders with estimated completion dates for all scheduled A&As at any given time
Review and update Control Overlays that define and justify the applicable security and privacy controls for information systems with common characteristics, such as internally developed web applications, FedRAMP-authorized SaaS solutions, etc
Based on the receipt and review of artifacts provided by system owners or support staff, which may include, but are not limited to, FIPS-199 Categorization Memos, System Security and Privacy Plans (SSPP), Contingency Plans, etc., develop Control Assessment Plans (CAPs) for each system, service, or common control provider to be assessed. Each CAP shall include, at minimum: The assessment methodology to be followed

Qualification

NIST Risk Management FrameworkControl Assessment MethodologyControl Assessment PlansNIST 800-53Information Security ComplianceStakeholder BriefingTechnical AssessmentsRisk Evaluation

Required

At least five years of experience performing the functions associated with this labor category
Experience performing control assessments as part of a team in accordance with applicable NIST standards (NIST 800-53, Rev 5, or newer version, as applicable)
Experience preparing control assessment plans, executing technical and non-technical assessments actions, evaluating the risk associated with areas of deficiency, and documenting detailed findings and executive-level summaries of assessment results
Experience briefing stakeholders on key findings, recommendations, risks, and impacts
Experience providing direct support of information security compliance activities, including managing plans of actions and milestones (POA&Ms) and inventories of information systems

Company

Ampcus Inc

twittertwittertwitter
company-logo
Ampcus is a global business, technology consulting and an staff augmentation firm specializing in AI/ML,digital solutions, Cybersecurity & Risk management, Testing, Forensics & Fraud services and human capital management.
dateFounded in 2004
location
Chantilly, Virginia, USA
people-size1001-5000 employees
web-link
http://www.ampcus.com

H1B Sponsorship

Ampcus Inc has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (14)
2024 (13)
2023 (7)
2022 (16)
2021 (13)
2020 (18)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Raj Narayan
Sr. Vice President, Strategic Sales
linkedin

Recent News

EIN Presswire
Ampcus Inc. Names Julie Potter Vice President of Sales
2025-08-18
EIN Presswire
Ampcus Expands BFSI Team, Taps Global IT Industry Veteran Raj Narayan
2025-07-31
Seattle TechFlash
Empowering entrepreneurs fuels economic growth in Greater Washington
2025-07-15
Company data provided by crunchbase