One role within the cybersecurity team that I had an interest in was the Security Control Assessor. This role is an individual or a group of people responsible for conducting a comprehensive assessment of the technical security controls and control enhancements employed within a system to determine the overall effectiveness of the controls.
The assessor's responsibilities include finding and assessing weaknesses or vulnerabilities in a system and its environment, recommending actions to address the vulnerabilities found, and preparing a security report that contains the findings of the assessment that was conducted.
They are part of the team because they play an important and crucial role in risk management: they ensure that the organization has effective security measures that protect sensitive data. They also ensure regulatory compliance to avoid legal or financial penalties, validate the effectiveness of security procedures, and provide risk assessments to guide decision making.
Some skills that are required for the Security Control Assessor role are:
- Technical experience in security frameworks and risk management
- Analytical skills for assessing vulnerabilities
- Communication skills to present security risks to stakeholders
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), or Certified Information Security Manager (CISM), which are very beneficial when trying for this position
In conclusion, the SCA, or Security Control Assessor, is a crucial part of the cyber team who ensures that security controls are implemented effectively and helps organizations stay compliant and reduce risk.