ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Controls Assessment Lead who has experience conducting independent, comprehensive assessments of security controls and control enhancements within an IT system to determine their effectiveness in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.


Roles and Responsibilities

Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization’s cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.


Required Skills

  • Expertise with NIST SP 800-53
  • Expertise with NIST SP 800-137
  • Skill in assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • Knowledge of Risk Management Framework (RMF) requirements
  • Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities
  • Knowledge of Personally Identifiable Information (PII) data security standards
  • Skill in performing impact/risk assessments

Desired Skills

  • Knowledge of systems diagnostic tools and fault identification techniques
  • Skill in interpreting vulnerability scanner results to identify vulnerabilities
  • Skill in preparing and presenting briefings
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems
  • Experience as a member of a certified FedRAMP Third-party Assessment Organization (3PAO) desired

Education Requirement

  • Bachelor’s Degree preferred (or additional four years of experience)

Years of Experience Requirement

  • 7-10 years of experience in Cybersecurity and Policy

Certification Requirement

  • Certified Information Systems Security Professional (CISSP), preferred


  • National Capital Region

Security Clearance

  • Must be a U.S. Citizen

Sound like the job for you?

Send us a link to your resumé or portfolio to become part of our talent pool.
