Aretum, LLC
Lead Cybersecurity Assessor/Technical Lead - Contingent
Aretum, LLC, Washington, District of Columbia, US, 20022
Public Trust Eligibility Required
This is a contingent position, meaning employment is dependent upon the successful award of the associated contract to Aretum and completion of any required background investigation or security clearance verification.
About Aretum
Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.
Job Summary
Due to the nature of our work in federal consulting, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.
Responsibilities
Lead end-to-end delivery of cybersecurity assessments/audits of government systems, including assessment planning, evidence collection, technical testing, analysis, and reporting
Develop and execute Security Assessment Plans (SAP) and ensure assessment procedures align to required control assessment methodologies
Conduct and oversee technical testing activities (e.g., vulnerability scanning, penetration testing, configuration validation, and other security examinations) and translate results into clear, actionable findings
Evaluate the effectiveness of security controls (including inherited/common controls where applicable) and document whether controls meet intent and requirements
Produce high-quality deliverables (e.g., Security Assessment Reports/SARs, risk narratives, remediation recommendations) and support POA&M development and closure evidence
Provide technical leadership to assessors (tasking, mentorship, peer review, quality assurance, and consistency of methodology across engagements)
Partner with project leadership to manage scope, schedules, dependencies, and risks; communicate project status and constraints to stakeholders
Brief technical and non-technical stakeholders on risk, severity and prioritized remediations, and advise on practical mitigation strategies
Maintain professionalism and independence expected of assessment personnel and ensure assessments are defensible and audit-ready
Qualifications
Minimum 7 years of experience conducting cybersecurity assessments, audits, or control assessments in government or regulated environments
Demonstrated experience across project management, network design concepts, and testing the security of government systems to identify vulnerabilities
Strong working knowledge of federal control assessment and risk management practices
Ability to develop/execute assessment of test plans and document results with clear pass/fail rationale and remediation guidance
Strong technical writing skills and experience producing assessment deliverables for audit/ATO packages and compliance reviews
Experience supporting A&A / authorization activities and maintaining audit-ready security documentation (e.g., SSP/SAP/SAR/POA&M)
Familiarity with common federal assessment artifacts and roles, including coordinating with system owners and stakeholders to execute assessments and record results
Experience leading teams delivering multiple concurrent assessments in enterprise environments (on-prem, cloud, hybrid)
Preferred Qualifications
Bachelor's degree in Information Systems, Computer Science, or related field
Preferred Certifications:
GIAC Web Application Penetration Tester (GWAPT)
Certified Ethical Hacker (CEH)
GIAC Systems and Network Auditor (GSNA)
Certified Penetration Tester (CPT)
Certified Expert Penetration Tester (CEPT)
GIAC Certified Web Application Defender (GWEB)
Offensive Security Certified Professional (OSCP)
CREST Penetration Testing Certifications
Travel Requirements
This is a hybrid position, with work performed both remotely and at designated client or corporate locations, as needed. Travel requirements may vary depending on project assignments, client meetings, or internal collaboration and will be communicated in advance whenever possible.
EEO Statement
Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance.
As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws.
We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience.
If you require reasonable accommodation during the hiring process due to a disability, please contact hr@aretum.com for assistance.
U.S. Work Authorization
Due to federal contract requirements, only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements.
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off
Family Leave (Maternity, Paternity)
Short Term & Long-Term Disability
Training & Development