Assessment and Authorization Functional Lead

Booz Allen HamiltonBethesda, MD
$112,800 - $257,000Remote

About The Position

The Opportunity: Cyber threats evolve constantly. In this role, you’ll turn complex risk into clear action by supporting Risk Management Framework (RMF) activities and driving Assessment & Authorization (A&A) packages through Authorization to Operate (ATO). You’ll partner with engineering and mission teams to scope controls, assess risk, remediate gaps, and sustain continuous monitoring so systems remain secure and compliant. Join us. The world can't wait.

Requirements

  • 5+ years of experience leading Information Security, Cyber Risk Management, or Security Compliance programs
  • Experience with eGRC platforms
  • Experience applying NIST Risk Management Framework (RMF) across categorization, control selection or implementation, assessment, authorization, and continuous monitoring
  • Experience leading Assessment & Authorization (A&A) efforts, improving A&A efficiency, reducing authorization timelines, and coordinating Authority to Operate (ATO) decisions with Authorizing Officials
  • Experience performing security control assessments and producing artifacts such as Security Assessment Reports (SAR) and Plans of Action & Milestones (POA&Ms)
  • Experience developing and maintaining security documentation, including System Security Plans (SSP) and control implementation statements
  • Knowledge of NIST SP 800‑53 Rev. 5 control families, tailoring controls to impact levels, and FISMA processes supporting RMF and authorization decisions
  • Public Trust
  • Bachelor’s degree
  • CISSP, CISA, CISM, or CRISC Certification

Nice To Haves

  • Experience at NIH or other health research-focused institutions
  • Experience communicating complex security concepts clearly to non‑technical stakeholders and senior leaders
  • Experience producing concise A&A documentation and executive‑ready summaries
  • Knowledge of structured writing and plain‑language techniques for technical documentation
  • Knowledge of stakeholder analysis and change management to drive adoption of security recommendations
  • Ability to write crisply, edit meticulously, and proofread to ensure consistency across artifacts
  • Ability to facilitate working sessions, build consensus, and present recommendations confidently
  • Master's degree

Responsibilities

  • Support Risk Management Framework (RMF) activities
  • Drive Assessment & Authorization (A&A) packages through Authorization to Operate (ATO)
  • Partner with engineering and mission teams to scope controls
  • Assess risk
  • Remediate gaps
  • Sustain continuous monitoring so systems remain secure and compliant

Benefits

  • health
  • life
  • disability
  • financial
  • retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service