Cybersecurity Assessment & Authorization (A&A) Analyst
(Must relocate to Kauai)
Amentum is seeking a Cybersecurity Assessment and Authorization Analyst for a position in Kauai, HI. This role with perform assessment and authorization (A&A) efforts under the NIST Risk Management Framework (RMF) on behalf of a federal civilian agency as a contractor. The role will conduct cybersecurity analysis in preparation for A&A reviewing and validation of all associated cybersecurity documentation and technical controls.
The role will work within a team that conducts A&A activities. This individual will develop System Security Plans (SSP), Contingency Plans, Business Impact Analyses (BIA), Plan of Action and Milestones (POA&Ms), Security Assessment Report (SARs), Security Assessment Plan (SAPs), and other documentation.
This position covers all cybersecurity aspects including, but not limited to, identifying risks, validating the mitigation of plans of action, analyzing system designs, and assisting with A&A issues that may prevent a system from receiving authorization. It supports the implementation of RMF by developing documentation and updating policies, procedures, and processes as assigned.
- Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.
- Identify potential risks associated with system configurations and advise on mitigation strategies
- Participate in A&A status meetings and facilitate moving systems toward a successful A&A effort
- Assist with ISSO related duties while interfacing with CSWF IATs
- Assist customer program offices in interpreting and applying mitigation strategies
- Conduct IV&V assessments and analyze test results for accuracy, compliance, and adherence to Federal cybersecurity requirements
- Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in POA&Ms document
- Document residual risks and provide the cybersecurity risk analysis and mitigation determination results
- Produce risk assessment artifacts describing initial risks during system development and residual risks identified during IV&V
- Maintain cybersecurity policy and processes as assigned
- Able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs
- Communicate the security posture of systems through designated reporting mechanism
- Show ability to evaluate computer security requirements for applications or networks; familiar with developing policies to ensure reliability, accessibility, & safeguarding systems, networks, and data
- Collaborate with other team members in cybersecurity
- Individual will perform most of his/her functions within a Network Operations Center (NOC) or similar office where systems are located
- Individual will be required to access all network workstations for software and configuration upgrades, troubleshooting, repair, and modifications. Normal office conditions exist the majority of time.
- The position requires walking, bending, stooping, lifting up to 40 pounds, and minimal climbing to retrieve supplies.
- Work is occasionally performed in proximity to electrical circuits of varying voltages.
- High School Diploma or equivalent plus 5 years’ experience or bachelor’s degree in Information Systems Management, Computer Science, or related field plus 2 years’ experience
- 3 years A&A specific experience
- Current CompTIA Security+ OR CompTIA Cloud+ certification required for this position
- Secret security clearance is required.
- Must meet eligibility requirements to obtain clearance prior to commencement of employment and maintain a security clearance for access to classified information or Closed/Restricted Areas throughout duration of employment.
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.