Cyber Security Control Assessor

About the role

CACI is searching for a Cyber Security Control Assessor to support the FEMA Office of the Chief Information Security Officer (OCISO) in Washington, D.C. As a Cyber Security Control Assessor, you will play a crucial role in ensuring the security and compliance of FEMA's information systems through comprehensive independent assessment of security controls. You will work in a dynamic environment, collaborating with system owners, ISSOs, stakeholders, and cybersecurity professionals to evaluate the effectiveness of security control implementation. Your efforts will directly contribute to safeguarding FEMA's mission-critical systems and data. The Cyber Security Control Assessor will serve as a senior independent assessor for control design, implementation, and effectiveness across assigned systems and authorization boundaries. This position requires evaluating the effectiveness of IT security controls including management, operational, and technical controls and determining if controls meet compliance requirements under NIST SP 800-53 and DoD RMF. The Cyber Security Control Assessor will perform assessment procedures including interviews, examinations, and testing and verify control implementation and effectiveness. This role is critical for analyzing System Security Plans (SSPs), policies, procedures, and evidence artifacts to identify security gaps and evaluate residual risk.