Assessment & Authorization Specialist Security Clearance

Position: Assessment & Authorization Specialist with Security Clearance
A&A Specialist

Location:

Pensacola, FL / Remote

SUMMARY:

The Senior Assessment and Authorization Specialist will support DISA’s sensing capabilities through the full Risk Management Framework process. This includes supporting system accreditation, maintaining Authority to Operate status, performing compliance scans, sustaining accredited baselines, and ensuring all systems remain fully compliant with DoD cybersecurity policies.. ESSENTIAL FUNCTIONS/RESPONSIBILITIES:
· Develop, update, and maintain RMF documentation including System Security Plans, Security Assessment Reports, and Plans of Action and Milestones.
· Support achieving and maintaining Authority to Operate status for the life of the contract.
· Review Government findings monthly, identify mitigations, and submit remediation reports.
· Ensure compliance with all applicable STIGs, SRGs, and IAVA requirements for hardware, firmware, and software.
· Conduct weekly and monthly system compliance scans using approved tools and upload results to DISA reporting systems.
· Remediate STIG and IAVA findings and apply patches, updates, and workarounds in accordance with published IAVA notices and directives.
· Maintain DISA CIO accredited baseline configurations for sensing systems in lab and production environments.
· Ensure deployed systems remain consistent with the authorized baseline unless deviation approval is obtained.
· Update baseline systems monthly with required patches, fixes, and configuration updates.
· Ensure all hardware is labeled with classification level, inventory control number, hardware identification, and that cables are labeled for identification.
· Follow standard rack elevations, wiring diagrams, and configuration guidance as directed by the sensing Program Manager.
· Support continuity of operations, configuration management, operational sustainment, and system evolution activities.
· Maintain documentation related to configuration control, security compliance, inventory, and assessments. REQUIRED EDUCATION, EXPERIENCE, &

CERTIFICATIONS:

· Active Secret clearance required
· Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, or related field; equivalent experience considered.
· Minimum three (3) to seven (7) years of experience supporting RMF, cybersecurity compliance, information assurance, or A&A activities.
· Experience developing RMF artifacts including System Security Plans, Security Assessment Reports, and POA&Ms.
· Experience working with DISA STIGs, IAVA processes, ACAS, Nessus, SCC, and DISA security compliance systems.
· Experience managing system baseline configurations and maintaining accredited configurations.
· Knowledge of DoD cybersecurity policies including DoDD 8500.1 and DoDI 8510.01.
· DoD 8570 IAT II or IAM I certification required (Security+, CySA+, CISM, CASP, CISSP or equivalent).
· Strong understanding of vulnerability management principles and security control implementation.
· Ability to work both independently and collaboratively in a fast paced, mission focused environment.
· Strong written and verbal communication skills with experience supporting cross functional teams.