Nicholas Best - Security Control Assessor - AetherForge | Himalayas
NB
Open to opportunities

Nicholas Best

@nicholasbest

Results-driven Security Control Assessor with expertise in compliance.

United States
Message

What I'm looking for

I am looking for a role that fosters growth and innovation in cybersecurity.

I am a results-driven Security Control Assessor with over 5 years of experience supporting federal and commercial environments in achieving compliance through the full Risk Management Framework (RMF) lifecycle. My expertise lies in evaluating security controls per NIST SP 800-53 Rev 5, developing formal assessment documentation, and driving Authorization to Operate (ATO) processes.

Throughout my career, I have demonstrated proficiency in stakeholder engagement, technical evidence review, and vulnerability identification. I have successfully led full lifecycle RMF assessments, developed tailored Security Assessment Plans, and authored comprehensive Security Assessment Reports. My ability to work cross-functionally with ISSOs, system owners, and engineering teams has been instrumental in maintaining compliant, risk-informed security postures.

Experience

Work history, roles, and key accomplishments

AE
Current

Security Control Assessor

AetherForge

Aug 2023 - Present (1 year 11 months)

Led full lifecycle RMF assessments for FISMA-moderate and FedRAMP systems, developing and executing Security Assessment Plans (SAP). Conducted in-depth control testing against NIST 800-53 controls, authoring Security Assessment Reports (SAR) with severity ratings and mitigation strategies.

NIST 800 53FISMAFedRAMPSecurity Control Assessment
BE

Junior Security Control Assessor

Bincom Enterprises

Dec 2019 - Present (5 years 7 months)

Assisted senior SCAs in system categorization and tailoring baseline controls, reviewing and editing various security plans. Logged and tracked vulnerabilities from Nessus and OpenVAS scans, performing manual verification.

System SecurityNessusOpenVasVisio

Education

Degrees, certifications, and relevant coursework

University of Maryland, College Park logoUP

University of Maryland, College Park

Bachelor's Degree, Criminal Justice & Criminology

Studied Criminal Justice & Criminology at the University of Maryland, College Park. Gained foundational knowledge in legal frameworks and societal aspects relevant to security and compliance.

Tech stack

Software and tools used professionally

Splunk logo

Splunk

Jira logo

Jira

Wireshark logo

Wireshark

Linux logo

Linux

Windows logo

Windows

Windows Server logo

Windows Server

Qualys logo

Qualys

Microsoft Excel logo

Microsoft Excel

Root Cause logo

Root Cause

Mapped logo

Mapped

Burp Suite logo

Burp Suite

Availability

Open to opportunities

Location

United States

Authorized to work in

United States

Job categories

Security Compliance AnalystCloud EngineerCompliance AnalystRisk Management SpecialistCybersecurity ConsultantSecurity Compliance OfficerSecurity AnalystSecurity Risk SpecialistSenior Security GRC AnalystInformation Security Analyst

Skills

Security Control AssessmentRisk FrameworksNIST 800 53FISMAFedRAMPCMMCAWSPythonBASHVulnerability AssessmentSplunkJiraWiresharkWindowsWindows ServerQualysMicrosoft ExcelRoot CauseMappedBurp suiteLinux

Interested in hiring Nicholas?

You can contact Nicholas and 90k+ other talented remote workers on Himalayas.

Message Nicholas

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan