16th July, 2025
Role: Cybersecurity Certification and Accreditation Analyst.
Location: Ft Belvoir, VA. - Hybrid (3 days onsite).
Job Description:
Responsibilities:
- Serves as a cybersecurity Subject Matter Expert (SME) with regard to the authorization of information systems and all associated cybersecurity policies and procedures.
- Fully versed in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
- Performs a DOD cybersecurity process while either authorizing an information system or serving as an SME for an information system undergoing authorization.
- Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization’s IT infrastructure, such as DLA’s, in which there is a compilation of large and small enclaves, AIS applications, and outsourced IT processes.
- Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system’s current or future authorization.
- Required to brief senior management on the progress or results of an information system undergoing the authorization process.
Minimum Experience: - Five (5) years of relevant C&A experience; NIST C&A experience; DOD cybersecurity experience.
- DOD Secret Clearance.
- Relevant certification meeting DOD 8570.01 IAM level III.
- Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
The contractor shall be responsible for the following tasks: • Needs Assessment:
o Collaborate with key stakeholders to gather requirements for workflow tracking templates.
o Identify existing documentation or systems that may influence template development.
• Template Development:
o Design templates suitable for various workflow processes, including but not limited to task tracking, progress monitoring, and approvals.
o Ensure templates are user-friendly, scalable, and compatible with the organization’s existing tools (e.g., Excel, Word, SharePoint, or workflow management systems).
• Template Maintenance:
o Perform regular updates to templates based on user feedback and evolving agency needs.
o Ensure version control and maintain documentation for all changes made.
• Training and Support:
o Provide initial training to staff on the proper use of templates.
o Offer ongoing technical support and guidance as needed.
• Quality Assurance:
oTest templates for functionality, reliability, and data accuracy.
o Ensure alignment with organizational standards, policies, and best practices.
Data Collection and Tracking: Establish a centralized mechanism (e.g., spreadsheet, database) to collect and track SM-related audit findings, including:
• Audit type (FSA, GAO, SOIDC, etc.).
• System/application affected.
• Specific control deficiency.
• Severity level (high, moderate, low).
• Remediation status.
Trend Analysis: Regularly analyze the collected data to identify trends and patterns in SM-related audit findings. This includes:
• Identifying recurring control deficiencies across systems/audits.
• Analyzing the root causes of common findings.
• Assessing the effectiveness of existing remediation efforts.
Reporting and Recommendations: Prepare and deliver periodic reports to SM EOPR summarizing:
• Key audit finding trends and their potential impact on DLA.
• Recommendations for proactive measures to address recurring control deficiencies and improve SM posture.
• Insights to inform policy updates, training programs, and system security enhancements.
Apply For Job