Security Controls Assessor (TS/SCI)

Zachary Piper Solutions is seeking a Security Controls Assessor to support a critical DoD organization in Washington, D.C. The customer is seeking experienced security assessors and engineers to assist with the accelerated transformation from the organizations lower security classification (IL4/IL5) to a higher classification (IL6). 

Clearance: Top Secret/SCI

Location: Washington, D.C. (90% remote)

This job opens for applications on 3/30/2026. Applications for this job will be accepted for at least 30 days from the posting date   

Responsibilities of the SCA:

• Support enterprise software as it transitions from lower authorization levels (IL4/IL5) to IL6
• Enable DIU/2FS to scale production-ready software into classified environments without disrupting operational tempo
• Address gaps created by legacy authorization pathways by ensuring software can efficiently transition “over the fence” to high-side environments
• Serve a critical need for an experienced assessor who can maintain momentum for mission-critical software delivery
•  Perform security assessments for enterprise applications transitioning to IL6
• Analyze systems previously authorized at lower impact levels and align them with IL6 requirements
• Review and validate RMF artifacts (SSPs, SAPs, SARs), inherited controls, and cloud architectures/boundaries
• Support Authorizing Officials (AOs) and ISSMs with ATO extensions, reciprocity determinations, and audit preparation
• Establish and operationalize reciprocity processes between DIU and partner organizations
• Act as a trusted advisor and subject-matter expert to new DIU AOs as they build experience and confidence at IL6

Qualifications of the SCA:

• Bachelors degree in related discipline and 8-10 years of related experience
• Active TS/SCI clearance
• Experience conducting security control assessments of IL4/IL5/IL6
• Customer facing experience, serve as “trusted advisor” to new AOs
• Must be comfortable with cross cloud control mapping
• Experience reviewing and validating RMF packages, inherited controls, & cloud architectures/boundaries

Compensation for the SCA:

• Total compensation based on experience level - $150,000-$190,000+ **based on degree and total years of experience**
• Full Benefits: PTO/Holidays, Cigna Medical, Dental, and Vision, 401k with ADP
• Certification reimbursement
• Contract stability and mobility through Zachary Piper Solutions

#LI-MK1 #LI-Hybrid #LI-Remote

Keywords: Security controls assessment, RMF (Risk Management Framework), NIST SP 800‑53 controls, security control validation, IL5, IL6, IL4, FedRAMP, cloud, AWS, Azure, TS/SCI, Top Secret, W2, opentowork, hiring, RMF, cyber, cyber security, information technology, vulnerability, SSP, SAP, system authorization, ATO (Authority to Operate), IL4/IL5/IL6 impact levels, cloud security assessment, FedRAMP, DoD SRG compliance, control inheritance, security architecture review, SSP/SAP/SAR analysis, risk identification and mitigation, continuous monitoring (ConMon), security testing and evaluation (ST&E), reciprocity and reuse, audit readiness, vulnerability management, boundary definition, enclave assessment, ISSM/AO support, classified and unclassified environments, zero trust principles, defensive cyber operations, governance risk and compliance (GRC), trusted advisor engagement, mission assurance