Authorization and Accreditation Lead
Core One•McLean, VA
About The Position
Core One is seeking an Authorization and Accreditation Lead to support our IC program. This position requires a TS/SCI w/ Poly clearance. The Authorization and Compliance Lead is responsible for implementing and maintaining cybersecurity controls, ensuring compliance with federal regulations, and guiding information systems through the Customer’s A&A process. This role requires a deep understanding of federal cybersecurity standards, proactive engagement with stakeholders, and the ability to operate independently in a fast-paced environment.
Requirements
- Bachelor’s Degree, or more advanced degree, in Information Technology, Computer Science, Cybersecurity, Computer Engineering, or Information Systems or related field
- 5+ years of cumulative experience spanning IT systems administration, cybersecurity compliance, IT system troubleshooting, and incident
- 6+ years of experience in a role such as Information Systems Security Engineer (ISSE), accrediting Sponsor programs
- Experience with completing new system(s) authorization and accreditation through the Sponsor’s Authorization and Accreditation (A&A) processes, procedures, security requirements, and systems (e.g. Greenlight)
- Experience using the Sponsor’s A&A process to accredit systems built on C2E or C2S Amazon Web Services
- Experience in security policy, counterintelligence, and security controls
- TS/SCI w/ Poly Clearance
Nice To Haves
- Certified in AWS or equivalent cloud technology
- Security+
- Certified Information System Security Professional (CISSP)
- Certified Information Security Manager (CISM), or equivalent
Responsibilities
- Lead and execute activities across all RMF phases (Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor).
- Develop, review, and maintain accreditation artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and POA&Ms.
- Monitor compliance with NIST 800-53, 800-171, ICD 503, FedRAMP, FISMA, and agency-specific policies.
- Prepare for and support audits, inspections, and assessments.
- Conduct vulnerability scanning, compliance checks, risk assessments, and remediation tracking using tools such as Nessus or Tenable.sc.
- Create and maintain security documentation, continuous monitoring strategies, incident response plans, and compliance reports.
- Provide briefings and status updates to leadership and Authorizing Officials.
- Collaborate with system owners, engineers, and developers to ensure security is integrated into design, development, and operations.
- Support investigation, response, and remediation of security incidents.
- Manage account recertifications, access reviews, and deliver security awareness training at the system level.
- Serve as the primary cybersecurity point of contact for assigned systems, ensuring clear communication with internal and external stakeholders.
Benefits
- competitive total compensation package
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
