Security Assessor
Washington, DC
Federal Civilian /
Proposal Position /
Hybrid
Who We’re Looking For (Position Overview):
Spry Methods is on the search for a Security Assessor to join our team in DC.
What Your Day-To-Day Looks Like (Position Responsibilities):
- Strong working knowledge of IT Security requirements, technical security countermeasures, risk managements processes, contingency planning, and secure data communications
- Experience conducting full cycle Security Assessments & Authorizations (SA&A)
- Testing will include network, system, application and NIST control testing from administrative and technical perspectives
- Experience analyzing vulnerability scans and interpreting risks and employing manual checks to validate vulnerability data
- Be able to assist the customer with understanding risk and providing risk mitigation
- Will create Security Assessments Plans, Reports, and POA&Ms
- The security assessment team conducts documentation reviews, inspections, and interviews with key personnel knowledgeable/ responsible for the various controls
- Personnel interviewed are asked to show evidence of compliance, demonstration security features, provide access to (or screenshots of) configuration files and system logs, and perform tests
- The determination of compliance will be based upon responses to questions and analysis of supporting evidence..
- Knowledge of CSAM is a plus
What You Need to Succeed (Minimum Requirements):
- At least 5 years experience
- Bachelor's Degree or 4 years of specialized experience
- Strong security assessor background
- Must understand the Risk Management Framework (RMF) process
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
