A&A Specialist

Job Description

An A&A Specialist will apply appropriate information security controls in accordance with system categorization, review and update security authorization documentation/artifacts in accordance with federal mandates and client policies and procedures, develop test plans and assessment reports in support of system authorization assessments, analyze vulnerability & compliance scan results to interpret risks to the client technology landscape, and track Plan of Actions and Milestones to closure. Specialist will specifically work on A&A activities support DoD Oracle Cloud Infrastructure (OCI) migration effort.

An A&A Specialist will be able to work independently on projects & tasks.

Basic Qualifications

• Interim or Active Secret clearance required
• Bachelor’s Degree or equivalent experience
• 5+ years of working knowledge and experience with one or more of the following Federal security frameworks (FedRAMP, FISMA, Zero Trust Maturity Model, RMF, and NIST SP 800 series and NIST SP 800-53)
• GRC tools experience (e.g. XACTA, ArchAngel, eMASS, CSAM)
• Experience with ACAS scans and mitigation and management of vulnerabilities
• Ability to identify potential threats, and create action plans using best practice
• Experience with NIST RMF and security controls

Preferred

• Experience with DOD accreditation process
• Experience with eMASS tool
• Local to DC metro area