Assessment and Authorization Functional Lead
Listed on 2026-07-11
-
IT/Tech
Cybersecurity, Information Security
Overview
Your growth matters to us - explore our career development opportunities.
Be empowered to succeed in a people-first culture that values collaboration and ingenuity. Learn how we’ll support your wellbeing and pursue a balanced, fulfilling life. Discover what to expect during your candidate journey with us.
The OpportunityAssessment and Authorization Functional Lead
Role
:
In this role, you’ll turn complex risk into clear action by supporting Risk Management Framework (RMF) activities and driving Assessment & Authorization (A&A) packages through Authorization to Operate (ATO). You’ll partner with engineering and mission teams to scope controls, assess risk, remediate gaps, and sustain continuous monitoring so systems remain secure and compliant.
You Have
:
- 5+ years of experience leading Information Security, Cyber Risk Management, or Security Compliance programs
- Experience with eGRC platforms
- Experience applying RMF across categorization, control selection or implementation, assessment, authorization, and continuous monitoring
- Experience leading A&A efforts, improving A&A efficiency, reducing authorization timelines, and coordinating ATO decisions with Authorizing Officials
- Experience performing security control assessments and producing artifacts such as Security Assessment Reports (SAR) and Plans of Action & Milestones (POAMs)
- Experience developing and maintaining security documentation, including System Security Plans (SSP) and control implementation statements
- Knowledge of NIST SP 800-53 Rev. 5 control families, tailoring controls to impact levels, and FISMA processes supporting RMF and authorization decisions
- Public Trust
- Bachelor’s degree
- CISSP, CISA, CISM, or CRISC Certification
- Experience at NIH or other health research-focused institutions
- Experience communicating complex security concepts clearly to non-technical stakeholders and senior leaders
- Experience producing concise A&A documentation and executive-ready summaries
- Knowledge of structured writing and plain-language techniques for technical documentation
- Knowledge of stakeholder analysis and change management to drive adoption of security recommendations
- Ability to write crisply, edit meticulously, and proofread to ensure consistency across artifacts
- Ability to facilitate working sessions, build consensus, and present recommendations confidently
- Master's degree
Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client. Public Trust determination is required.
CompensationAt Booz Allen, we celebrate your contributions, provide opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.
Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. Learn more about our total benefits on the Resource page of our Careers site and on Our Employee Benefits page.
Salary at Booz Allen is determined by location, education, knowledge, skills, competencies, experience, and contract-specific requirements. The projected compensation range for this position is $ to $ (annualized USD). This posting will close within 90 days from the Posting Date.
Identity StatementAs part of the hiring process, we may ask you to complete an identity verification process that leverages biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You may be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Candidate AI Usage PolicyAI is a part of our daily work at Booz Allen. We are committed to the responsible and ethical use of AI tools, and the use of…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).