Assessment and Authorization Specialist

Job Overview:

This position will:

• Advise and assist customers with the Lifecycle Assessment and Authorization (A&A) process.
• Advise and assist customers with development of System Security Plans.
• Use COTS/GOTS and custom tools and process and procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.
• Monitor, track, and update status of systems in the assessment queue.
• Coordinate technical security assessments of computing environments and systems to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.
• Assist architects, developers, and engineers in the identification and implementation of appropriate information security controls and potential security functionality to ensure uniform application of security policy and enterprise solutions.
• Create and review A&A Body of Evidence (BOE) documentation, providing succinct assessment on compliance of its content for Customer’s use for A&A adjudication.
• Validate and verify system security requirements definitions and analysis and establishes system security design for controls.
• Design, develop, implement, or integrate IA and security systems and system components including those for networking, computing, virtualization, cloud, and enclave environments to include those with multiple enclaves and with differing data protection requirements.

Contractor shall have the following required skills, certifications and demonstrated experience:

• Demonstrated experience advising and assisting customers with the Lifecycle Assessment and Authorization (A&A) process.
• Demonstrated experience advising and assisting customers with development of System Security Plans.
• Demonstrated experience using COTS/GOTS and custom tools and process or procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.
• Demonstrated experience monitoring, tracking, and updating status of systems in the assessment queue.
• Demonstrated experience coordinating technical security assessments of computing environments and systems to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.
• Demonstrated experience assisting architects, developers, and engineers in the identification and implementation of appropriate information security controls and potential security functionality to ensure uniform application of security policy and enterprise solutions.
• Demonstrated experience creating and reviewing A&A Body of Evidence (BOE) documentation, providing assessment on compliance of its content for A&A adjudication.
• Demonstrated experience validating and verifying system security requirements definitions and analysis and establishing system security designs for controls.
• Demonstrated experience assessing and mitigating system security threats or risks throughout the program life cycle.

Skills and demonstrated experiences that are highly desired but not required to perform the work include:

• Demonstrated experience creating and reviewing A&A Body of Evidence (BOE) documentation, providing assessment on compliance of its content for Customer’s use for A&A adjudication.
• Demonstrated experience supporting the design, development, implementation and integration of IA and security systems and system components including those for networking, computing, virtualization, cloud, and enclave environments to include those with multiple enclaves and with differing data protection or classification requirements.
• Demonstrated experience in Cybersecurity, Information Assurance, Information Technology, or equivalent.
• Demonstrated experience implementing security and risk mitigations in compliance defined in IC, FISMA, and NIST policies.
• Demonstrated experience supporting multiple complex programs simultaneously, prioritizing work appropriately.
• Demonstrated ability to deliver tailored briefings that convey complex concepts or technical information regarding information security issues clearly and concisely to audience of diversified rank, skills, and experience.
• Demonstrated experience with the Customer A&A tracking tool and best practices for its use.
• Demonstrated experience with Customer’s security scanning requirements and documentation best practices.

• Certifications:
• Certified Information System Security Professional (CISSP) 
• CSSLP (Certified Secure Software Lifecycle Professional)
• CompTIA Security+
• AP Certified (Authorization Professional)

US Citizenship:

• This position requires US Citizenship. Verification of US Citizenship to meet federal government security requirements will be confirmed.

Security Clearance:

• The successful candidate must have an active U.S. Government Top Secret Security Clearance with a Full Scope Polygraph.
• Clearance Verification: This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

Travel:

• Local travel/POV will be on an as needed basis, within the local place of performance.