Security Control Assessor (SCA) Liaison

Responsibilities

• Facilitate communication between security control assessors and other departments, ensuring technical findings are presented in clear, actionable terms for both technical and non-technical audiences.
• Assist in developing and executing security control assessments, coordinating test plans and scope with the SCA team lead.
• Contribute to the preparation and maintenance of security documentation to ensure compliance with DoD and federal requirements.
• Support the analysis of security gaps and weaknesses, recommend migration strategies, and help to develop Plans of Action and Milestones (POAMs) to address findings.
• Provide support throughout the Assessment and Authorization (A&A) process, ensuring alignment with the Risk Management Framework (RMF) lifecycle.
• Promote information security awareness across teams by ensuring policies, controls, and resources are applied correctly.
• Act as a point of contact between assessment teams and other stakeholders, ensuring effective collaboration and smooth workflows.
• Carry out any other related activities as required, ensuring flexibility and adaptability in meeting the evolving needs of the company and client.

Requirements

• 7+ years of experience, including:
  • Prior experience as an SCA or in a related role performing security assessments (i.e., Navy Qualified Validator).
  • Extensive experience in cybersecurity, network security, and information assurance.
• Strong knowledge of RMF, including the NIST Special Publications (e.g., 800-37, 800-53).
• Familiarity with vulnerability management, penetration testing, and security gap analysis.
• Understanding of relevant laws, regulations, and industry standards, such as NIST, FISMA, and DoD directives.
• Hands-on experience with compliance and risk management tools (e.g., Stig Manager, eMass, Nessus, Splunk).
• Excellent written and verbal communication skills with the ability to produce clear, concise, risk-based recommendations for diverse audiences.
• Strong analytical skills to interpret results, identify root causes, and recommend mitigations.
• Ability to work effectively with system owners, assessor teams, and authorizing officials.
• Must hold one of the following certifications:
  • Certified in Governance, Risk, and Compliance (CGRC)
  • CompTIA Advanced Security Practitioner (CASP+)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Security Leadership (GSLC)
  • Certified Chief Information Security Officer (CCISO)
• Current or ability to obtain a Department of Defense (DoD) Secret Clearance is required. Note: To obtain a security clearance, you must be a U.S. citizen and meet the 13 adjudicative guidelines.

Preferred Qualifications (Nice to Have)

• A bachelor’s degree in an IT-related field (i.e., Computer Science, Cybersecurity, Information Systems).

Location

• Hybrid – On-site at client site in Mechanicsburg, Pennsylvania, a few times per year.
• Location Preference: Candidates within a six-hour driving distance of Mechanicsburg, Pennsylvania, are preferred.
• Travel Requirements: May be required.
• Work Hours: Standard 40-hour workweek (8 hours/day). Some flexibility may be available to accommodate client needs and personal responsibilities.

Benefits

• Competitive salary and discretionary performance-based bonuses.
• Comprehensive health benefits, including medical, dental, and vision insurance.
• Flexible Paid Time Off (PTO) and holidays to help you maintain a healthy work-life balance.
• Opportunities for professional development and continued learning.
• Hybrid/remote work arrangement with flexible hours.
• 401(k) retirement plan with company match.
• Employee recognition programs and company events.

About the Company

JMA Resources is an equal opportunity employer committed to achieving a workforce with an environment free of discrimination and harassment. All aspects of employment, including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training, are based on business needs, job requirements, and individual qualifications, without regard to race, age, color, physical or mental disability, religion, gender, sexual orientation, gender identity/expression, marital status, national origin, political affiliation or protected veteran status. At JMA Resources, we are dedicated to fostering an inclusive environment for all qualified individuals. We provide reasonable accommodations to persons with disabilities to ensure equal access throughout the application and hiring process. JMA Resources participates in E-Verify to confirm the identity and employment eligibility of all newly hired employees.

How to Apply

If you need assistance or require an accommodation, please reach out to Amy Foy, VP of Employee Experience, at [email protected].