Security Control Assessor (SCA)
Company: Pendleton Solutions
Location: Arlington
Posted on: February 18, 2026
|
|
|
Job Description:
Job Description Job Description Salary: Position: Security
Control Assessor (SCA) Clearance: Top Secret (TS) Security
Clearance w/SCIis required and current within the last five years
Work Location: Arlington, VA Work Schedule: Monday through Friday
onsite (Regular Full-time) Work authorization: United States
(Required) Travel: Occasional travel within CONUS and OCONUS; valid
U.S. passport required. Position Summary The Security Control
Assessor is responsible for implementing and maintaining robust
security controls for classified and unclassified information
systems in support of DoD and Intelligence Community (IC) missions.
This role ensures compliance with all applicable federal and DoD
cybersecurity standards (e.g., RMF, NIST SP 800-53, JSIG) and
manages the certification and authorization (A&A) process for
systems handling Controlled Unclassified Information (CUI) through
Top Secret/SCI. The SCA must have a current Top Secret Clearance
with SCI Eligibility and be willing to submit to a
Counterintelligence polygraph. You must be able to work onsite in
Arlington, VA. Duties shall include, but are not limited to the
following: Lead security control assessments (SCAs) and develop
System Security Plans (SSPs), Security Assessment Reports (SARs),
and Plans of Action & Milestones (POA&Ms). Prepare and review
A&A packages for authorizing officials, ensuring completeness
and accuracy within established timelines. Conduct continuous
monitoring and risk assessments to ensure ongoing compliance. Apply
DoD/IC cybersecurity requirements (e.g., DoD 8570.01-M, DoDI
8500.01, NIST SP 800-53, JSIG, CNSSI/ICD directives). Develop and
recommend security policies, procedures, and best practices.
Coordinate with stakeholders to integrate security requirements
into program life cycles (RFI, RFP, proposal, award, closeout).
Manage and administer network security devices, classified LAN/WAN
environments, PKI solutions, virtual machines, and endpoint
protections. Perform system audits and vulnerability assessments;
recommend corrective actions and track remediation efforts. Support
Information System Security Officers (ISSOs) and network
administrators, providing guidance on secure configurations and
incident response. Coordinate with Engineering, IT, and program
teams to address security findings and implement mitigation
strategies. Participate in configuration control board (CCB)
reviews and advise on security implications. Prepare and deliver
briefings, technical reports, and status updates to leadership.
Position Qualifications Bachelors degree in Computer Science,
Information Systems, or a related field, plus 12 years
ofprogressive cybersecurity experience in DoD or IC environments.
Masters degree may substitute for four years of relevant
experience. Deep understanding of the Risk Management Framework
(RMF) and NIST SP 800-53 security controls. Experience with
certified and accredited systems up to SAP/SCI classification (CUI,
Confidential, Secret, Top Secret). Familiarity with DoD/IC
governance documents. Proficient with security tools and
technologies (e.g., SIEM, vulnerability scanners, endpoint
protection, firewalls). Available to work before/after typical
office hours as work may demand Must be able to lift 50 lbs
Excellent briefing and technical writing skills. Impeccable
customer service skills. Read, speak, and understand the English
language fluently. Expertexperience using Microsoft Office Suite
and Adobe tools and systems to include Excel, Project, Teams,
SharePoint, Word, and PowerPoint. Security Certifications (SFPC,
SAPPC, SPIPC, SPSC, CISSP, Security ) preferred Complete a security
screening interview. The employee must
maintainclearance,eligibility throughoutemployment. Must meet
client suitability. Additional Information This job description is
not exhaustive and may be supplemented with additional duties as
required. In compliance with federal law, all new hires must verify
identity and eligibility to work in the United States by completing
the required employment eligibility verification form upon hire.
Pendleton Solutions, LLC is an equal employment opportunity
employer. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, national
origin, disability status, protected veteran status, or any other
characteristic protected by law. NOTICE TO THIRD PARTY AGENCIES
Please note that PenSol does not accept unsolicited resumes from
recruiters or employment agencies. In the absence of a signed
Recruitment Fee Agreement, PenSol will not consider or agree to
payment of any referral compensation or recruiter fee. Suppose a
recruiter or agency submits a resume or candidate without a
previously signed agreement. In that case, PenSol explicitly
reserves the right to pursue and hire those candidate(s) without
any financial obligation to the recruiter or agency. Any
unsolicited resumes, including those submitted to hiring managers,
are deemed to be the property of PenSol.
Keywords: Pendleton Solutions, Eldersburg , Security Control Assessor (SCA), IT / Software / Systems , Arlington, Maryland
