
Cyber & A&A Security Specialist - Hybrid Remote

Remote / Online - Candidates ideally in
Silver Spring, Montgomery County, Maryland, 20900, USA
Listing for: ATTAINX INC
Full Time, Remote/Work from Home position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 98,000 USD yearly

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process.

Professional Silver Spring, MD, US

2 days ago Requisition

Salary Range: $98,000.00 To $ Annually

Job Title: Cyber & A&A Security Specialist

Location: Hybrid (Reside within a commutable distance of Silver Spring, MD to work onsite as required)

Security Clearance: Must have or be able to obtain a Moderate Public Trust

AttainX, Inc. is in search of a highly energetic Cyber & A&A Security Specialist to join our team on a cyber security program supporting our US federal government client.

Basic

Minimum Qualifications:
  • Knowledge of DOC, NOAA, and NWS IT security policies and implementation standards, or those of similarly sized organizations, AND comprehensive understanding of NIST guidance including, but not limited to, NIST Special Publications and Federal Information Processing Standards.
  • At least 5 years of recent experience (within the last 6 years) in applying IT security concepts, methodologies, principles, procedures, and using industry-standard IT security tools.
  • At least 5 years of recent experience (within the last 6 years) with enterprise architecture methodologies, concepts, procedures, principles, and tools.
  • At least 5 years of recent experience (within the last 6 years) in contingency planning and backup and recovery best practices and application of NIST guidance in this area.
  • At least 5 years of recent experience (within the last 6 years) in using technical testing tools (Tenable Security Center, ArcSight, IBM BigFix, etc.).
  • At least 5 years of performing assessments of Federal Information Systems using the Risk Management Framework.
  • Ability to work in a cohesive team-oriented environment.
  • Possess at least one of the following certifications or be able to obtain one within six (6) months of hire:
    • Certified Information Systems Security Professional (CISSP).
    • Certified Information Systems Auditor (CISA).
    • GIAC Certified Incident Handler (GCIH).
    • GIAC Systems and Network Auditor (GSNA).
    • Electronic Commerce Council Certified Ethical Hacker (CEH).
    • ISC2 Certified in Governance, Risk and Compliance (CGRC).
    • Security Certified Network Professional (SCNP).
    • Security Certified Network Architect (SCNA).
Preferred Qualifications:
  • Bachelor’s Degree (or higher) in a related field
  • Knowledge of assessing and securing cloud-hosted systems in accordance with federal security requirements
  • Self-starter, highly motivated individual who adapts to a dynamic work environment
  • Strong attention to detail with an ability to operate effectively across multiple priorities.
Key Responsibilities:
  • Conduct full lifecycle Security Control Assessments and Authorization (A&A) activities for NWS FIPS 199 Low, Moderate, High, HVA, and hybrid systems in accordance with the NIST Risk Management Framework (RMF), NWS policy, NOAA, and DOC directives.
  • Validate Information System Security Plans (SSPs), FIPS 200, control implementations, and supporting policies and procedures for accuracy, completeness, and NIST SP 800-53 compliance.
  • Execute security control test procedures through documentation review, technical validation, and interviews with system stakeholders to determine control implementation status and effectiveness.
  • Collect, analyze, and document evidentiary artifacts (screenshots, test logs, interview notes) to validate control implementation and effectiveness.
  • Utilize CSAM to retrieve POAMs, artifacts, and other pertinent documentation to assist with the A&A process and ensure accuracy of the A&A documentation uploaded in the tool.
  • Analyze and interpret vulnerability and configuration compliance scan results from tools like Tenable Nessus to identify control gaps, assess risk, and validate remediation actions.
  • Develop and maintain pre-assessment and assessment deliverables, including Security Assessment Plans (SAPs), Security Control Assessment (SCA) workbooks, and kickoff deck briefings.
  • Document assessment results and risk determinations in Security Assessment Reports (SARs), Vulnerability Assessment Reports (VARs), and Authorization to Operate (ATO)…