Sr. Security Control Assessor II (6398)

]:pointer-events-auto scroll-mt-(--header-height)" data-turn-id="b2bf13c1-57b8-4ee3-8400-7aeb5b1be46a" data-testid="conversation-turn-1" data-scroll-anchor="false" data-turn="user"> ]:pointer-events-auto [content-visibility:auto] supports-[content-visibility:auto]:[contain-intrinsic-size:auto_100lvh] scroll-mt-[calc(var(--header-height)+min(200px,max(70px,20svh)))]" data-turn-id="6daf4f8a-6a97-414e-82f5-7ea1f575565b" data-testid="conversation-turn-2" data-scroll-anchor="true" data-turn="assistant">

As Sr. Security Control Assessor II, you'll provide independent validation of security control effectiveness across mission-critical information systems with the goal of making a measurable impact across the federal government. Our Cybersecurity Assessment & Authorization team is responsible for ensuring federal systems meet rigorous security and compliance standards, and you'll play a key role in enabling risk-informed authorization decisions through objective evidence, disciplined assessment practices, and alignment to federal cybersecurity frameworks.

We know that you can't have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you'll do:

• Conduct independent assessments of management, operational, and technical security controls and control enhancements
• Evaluate control implementation and effectiveness against NIST 800-53, NIST 800-37, and Risk Management Framework requirements
• Review security documentation, artifacts, and evidence supporting authorization decisions
• Coordinate assessment activities with Information Systems Security Managers, Information Systems Security Officers, and system owners while maintaining assessor independence
• Document assessment findings, risks, and recommendations clearly and objectively
• Support initial authorization, reauthorization, and continuous monitoring assessments
• Brief assessment results, risk posture, and recommendations to Government Authorizing Officials, Security Control Assessors, and program leadership
• Maintain strict independence, objectivity, and professional judgment throughout assessment activities

What you'll need to succeed:

• Active Top Secret security clearance with SCI eligibility required.
• 7+ years of direct experience in cybersecurity with a strong focus on assessment and authorization activities.
• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related technical field is strongly preferred. Relevant experience may substitute for education requirements.
• Possess DoD 8140 certification aligned to the 612 Security Control Assessor work role, such as Security+, SSCP, CAP, CASP+, CISSP, CISA, GSLC, or CISSP-ISSEP.
• Demonstrated experience conducting independent assessments of management, operational, and technical security controls and enhancements.
• Proven expertise assessing control effectiveness in accordance with NIST 800-37, including evaluation of inherited and system-specific controls.
• Hands-on experience drafting security assessment reports and providing remediation recommendations.
• Operational experience supporting system authorization activities, including security assessments, risk determination, and reporting of findings.
• Ability to contribute immediately with minimal ramp-up in a mission-critical operational environment.
• Required technical certifications include CAP or CISA.

SALARY RANGE: $184,000 - $207,000

The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered will be determined based on several factors including:

• The candidate's professional background and relevant work experience
• The specific responsibilities of the role and organizational needs
• Internal equity and alignment with current team compensation
• This role is also eligible for additional compensation, subject to the terms and policies of MetroStar, which may include:
• Performance-based bonuses
• Company-paid training and/or certifications
• Referral bonuses