Cyber & A&A Security Lead - Level IV

ATTAINX, Inc.$110K — $140K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a related field or equivalent experience
  • Knowledge of DOC, NOAA, and NWS IT security policies
  • Understanding of NIST guidance, Special Publications, and FIPS
  • Experience leading IT Security teams
  • Minimum 5 years of experience applying IT security concepts
  • 5 years of experience with RMF assessments and enterprise architecture methodologies
  • Strong communication, project management, and organizational skills

Responsibilities

  • Lead Security Assessment and Authorization activities
  • Plan and manage assessment schedules and resources
  • Conduct security control assessments per NIST RMF
  • Review assessment documentation and recommendations
  • Analyze risks and evaluate security control effectiveness
  • Assess cloud environments against federal requirements
  • Liaise between assessment teams and government stakeholders

Benefits

  • Paid vacation
  • Medical, dental, and vision coverage
  • Matching 401(k) plan
  • Tuition/training reimbursement
  • Long & Short-Term Disability
Full Job Description
Position Title: Cybersecurity / Assessment and Authorization (A&A) Team Lead

Location: Hybrid-Remote / Silver Spring, MD (2 days on-site per week)

Clearance: Public Trust / US Citizenship Required

Position Overview

This position provides leadership and technical oversight for Security Assessment and Authorization (SA&A) activities across multiple federal information systems and cloud environments.

The successful candidate will lead teams performing Risk Management Framework (RMF) assessments, coordinate assessment activities with government stakeholders, evaluate security controls, develop authorization packages, and provide recommendations to support Authorization to Operate (ATO) decisions.

Required Qualifications

  • Bachelor's degree or higher in Information Systems, Cybersecurity, Information Technology, Computer Science, or related field.
    • Four (4) years of combined relevant education and experience will be accepted in lieu of a degree.
  • Knowledge of DOC, NOAA, and NWS IT security policies and implementation standards or similar organizations.
  • Comprehensive understanding of NIST guidance, including NIST Special Publications and FIPS.
  • Experience leading teams of IT Security Specialists or Security Assessors.
  • At least 5 years of recent experience applying IT security concepts, methodologies, principles, procedures, and industry-standard security tools.
  • At least 5 years of recent experience with enterprise architecture methodologies, contingency planning, backup/recovery best practices, technical testing tools, and RMF assessments.
  • Robust verbal and written communication skills.
  • Effective interpersonal, project management, and organizational skills
  • Ability to work effectively in a team-oriented environment.


Required Certification

Must possess at least one (1) of the following:

  • CISSP
  • CISA
  • GSNA
  • CEH
  • ISC2 CGRC
  • CISM


Preferred Qualifications

  • Bachelor's degree or higher in Information Systems, Cybersecurity, Information Technology, Computer Science, or related field.
  • Experience assessing cloud-hosted systems in AWS, Azure, or GCP.
  • Experience supporting federal ATO decisions and Continuous Authorization programs.
  • Knowledge of High Value Asset (HVA) requirements.
  • Clear-cut attention to detail and ability to manage multiple priorities.


Job Duties and Responsibilities

  • Lead and oversee full lifecycle Security Assessment and Authorization activities.
  • Plan, coordinate, and manage assessment schedules, resources, and deliverables.
  • Conduct security control assessments in accordance with NIST RMF and NIST SP 800-53.
  • Review SAPs, SARs, VARs, POA&M recommendations, and ATO briefing materials.
  • Conduct risk analyses and evaluate security control effectiveness.
  • Assess cloud-hosted environments against federal cybersecurity requirements.
  • Serve as the primary liaison between assessment teams and government stakeholders.
  • Present assessment findings, risk determinations, and remediation recommendations.
  • Support executive-level briefings and ATO decision activities.
  • Mentor and guide cybersecurity personnel and assessment teams.
  • Recommend security measures to protect organizational information assets.
  • Implement process improvements that enhance assessment quality and efficiency.


Benefits:
  • Paid vacation
  • Medical, dental, and vision coverage
  • Matching 401(k) plan
  • Tuition/training reimbursement
  • Long & Short-Term Disability

Accommodations:
Individuals with disabilities may request reasonable workplace accommodations by contacting AttainX Human Resources directly and specifying the nature of the support needed.

Physical Demands:
This position requires extended periods of sitting, computer use, and communication via phone or email. Occasional lifting of up to 10 pounds may be necessary. Vision abilities required include close, distance, and peripheral vision as well as depth perception.

Work Environment:
The work environment is typically moderate in noise and may require onsite presence during standard business hours.

Similar Jobs

More Jobs at ATTAINX, Inc.

More Information Technology Jobs

Find similar Cyber & A&A Security Lead - Level IV jobs: