Authorization and Accreditation (A&A) Specialist

About The Position

Requirements

• Active DoD Secret clearance required.
• Minimum three (3) years of experience supporting RMF, cybersecurity compliance, information assurance, or A&A activities.
• Experience developing RMF artifacts including System Security Plans, Security Assessment Reports, and POA&Ms.
• Experience working with DISA STIGs, IAVA processes, ACAS, Nessus, SCC, and DISA security compliance systems.
• Experience managing system baseline configurations and maintaining accredited configurations.
• Knowledge of DoD cybersecurity policies including DoDD 8500.1 and DoDI 8510.01.
• DoD 8570 IAT II or IAM I certification required (Security+, CySA+, CISM, CASP, CISSP or equivalent).
• Strong understanding of vulnerability management principles and security control implementation.
• Ability to work both independently and collaboratively in a fast paced, mission focused environment.
• Strong written and verbal communication skills with experience supporting cross functional team.
• Proven ability to lead technical efforts and communicate complex concepts to both technical and non-technical audiences.

Nice To Haves

• Bachelor’s degree in a related field (or equivalent experience).
• Experience supporting DISA, DoD cyber programs, or large scale operational sensor platforms is highly desired.

Responsibilities

• Develop, update, and maintain RMF documentation including System Security Plans, Security Assessment Reports, and Plans of Action and Milestones.
• Support achieving and maintaining Authority to Operate (ATO) status for the life of the contract.
• Review Government findings monthly, identify mitigations, and submit remediation reports.
• Ensure compliance with all applicable STIGs, SRGs, and IAVA requirements for hardware, firmware, and software.
• Conduct weekly and monthly system compliance scans using approved tools and upload results to DISA reporting systems.
• Remediate STIG and IAVA findings and apply patches, updates, and workarounds in accordance with published IAVA notices and directives.
• Maintain DISA CIO accredited baseline configurations for sensing systems in lab and production environments.
• Ensure deployed systems remain consistent with the authorized baseline unless deviation approval is obtained.
• Update baseline systems monthly with required patches, fixes, and configuration updates.
• Ensure all hardware is labeled with classification level, inventory control number, hardware identification, and that cables are labeled for identification.
• Follow standard rack elevations, wiring diagrams, and configuration guidance as directed by the sensing Program Manager.
• Support continuity of operations, configuration management, operational sustainment, and system evolution activities.
• Maintain documentation related to configuration control, security compliance, inventory, and assessments.
• Provide required onsite support at DISA HQ for classified A&A packages and coordination with Government stakeholders.

Benefits

• Foxhole Technology offers a competitive benefits package for our employees and their dependents, including health, dental, and vision care, paid leave, retirement plans (401K, Roth, and ESOP), life and disability insurance, flexible spending accounts, and education and training assistance.