Cybersecurity Assessment and Authorization Validator

American Systems•Middletown, RI

About The Position

AMERICAN SYSTEMS is an employee-owned federal government contractor supporting national priority programs through our strategic solutions in the areas of Information Technology, Test & Evaluation, Program Mission Support, Engineering & Analysis, and Training. We are seeking a Cybersecurity Assessment and Authorization Validator to support Navy and DoD customers by delivering technical and programmatic Information Assurance and Cybersecurity services for strategic combat and non-enterprise network and information systems. This position is responsible for evaluating and strengthening system security posture, supporting assessment and authorization activities, and ensuring compliance with DoD, Navy, and Federal cybersecurity requirements.

Requirements

Active Secret security clearance or the ability to obtain/reinstate a Secret clearance.
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
2–4 years of related professional experience in information assurance, cybersecurity, risk management, or systems security. Or 7+ years of experience required for those without a Bachelor’s degree.
IAT Level II or III certification - CompTIA Security+ certification required or obtainable within 3 months of hire.
Working knowledge of security authorization processes, security documentation, and vulnerability assessment practices.
Ability to manage multiple priorities and support deadlines in a regulated environment.
Strong analytical, documentation, and problem-solving skills.
Information Assurance and Cybersecurity
Risk and Vulnerability Assessment
Security Test and Evaluation
Certification and Accreditation Support
Compliance Analysis
Security Documentation Development
Security Architecture Support
Audit and Risk Mitigation Planning

Nice To Haves

Experience supporting DoD or Navy cybersecurity programs.
CSWF certification preferred.
Additional advanced cybersecurity certifications such as CISSP, SecurityX, CISM CCNA Security, CySA+, GICSP, GSEC, SSCP, or CND are a plus.
Knowledge of Federal cybersecurity laws, regulations, and security compliance frameworks.
Experience with vulnerability scanning tools, security configuration management, and incident response support.

Responsibilities

Provide technical and programmatic Information Assurance (IA) services and perform independent risk assessments in support of network and information security systems.
Lead and facilitate meetings, briefings, and cross-functional discussions with technical and non-technical stakeholders to communicate security risks, vulnerabilities, assessment results, and remediation progress, and to drive alignment and timely resolution of identified issues.
Prepare cybersecurity documentation using accepted DoD guidelines and frameworks, such as RMF and related certification/authorization processes.
Review Security Assessment Plans (SAP), ensuring the implementation of Assured Compliance Assessment Solution (ACAS) Scans, Security Technical Implementation Guides (STIG), Security Content Automation Protocols (SCAP) and Cybersecurity Assessment Reports (CSAR).
Provide Assessment and Authorization (A&A) support, including observing tests, analyzing actual test results, and making recommendations for improvement of security plans, contingency plans, and security risk/vulnerability assessments.
Analyze policies and procedures and validate compliance with Risk Management Framework (RMF), Security Objectives and Controls against applicable Federal laws, regulations, and DoD/Navy requirements, and recommend corrective actions to close compliance gaps.
Recommend and support system enhancements to resolve identified security deficiencies.
Review documented compliance scans results and evaluate system administration practices and security products.
Conduct security program audits and develop mitigation strategies to reduce identified risks.
Develop strategies to address privacy, risk management, and e-authentication requirements.
Support the development and implementation of security architectures to meet emerging and evolving security requirements.
Evaluate, develop, and improve security policies, requirements, and tools.
Perform vulnerability assessments and develop risk mitigation strategies.