ICF Consulting Group, Inc. Assessment and Authorization (A&A) Analyst in Petersburg, Virginia
Fort Lee, VA
$5k sign-on Bonus
Join our team of cyber pioneers with expertise and decades of experience defending and protecting some of the nation s most valuable resourcesICF. Through implementation of effective cybersecurity solutions, ICF supports security awareness, readiness, resilience and response to cyber incidents. Our extensive customer base has benefited from the leading-edge work our security engineers and data scientists perform in maintaining and advancing situational awareness of the current cyber threat landscape.
The Assessment and Authorization (A&A) Analyst is responsible for planning, documenting, and conducting comprehensive security assessments using both the DOD Information Assurance Certification and Accreditation Process (DIACAP) and NIST Risk Management Framework (RMF). Additionally, the Analyst is responsible for reviewing existing documentation, IA controls, and DISA Security Technical Implementation Guideline (STIG) implementations.
_Key Responsibilities:_ * Performing comprehensive security assessments using the DOD Information Assurance Certification and Accreditation Process (DIACAP). * Developing IT system security documentation as required by both the DIACAP and the NIST Risk Management Framework (RMF). * Develop, maintain, and update the Plan of Action and Milestones (POA&M). * Utilize knowledge of Mission Assurance Categories (MAC), Classification Levels (CL) and the 8500.2 IA controls associated with each level. * Responsible for documentation review; reading over policy and procedures; Ports Protocols and Services Management (PPSM); system and network diagrams, descriptions, SOPs, previous certification and accreditation documents; compiling and generating deliverables (DIACAP scorecard, and findings). * Reviewing IA Controls with the customer for specific applicability and compliancy. * Conducting Security Tests and Evaluation (ST&E) for Accreditation or re-accreditation. * Analyzing ST&E results; assess, determine, and describe risks associated with the results. * Understanding of DISA Security Technical Implementation Guides (STIGs) * Knowledge of DoD policies, regulations, and guidelines. * Travel up to 10%.
* Ability to maintain a DoD clearance.
* Bachelor's Degree or the equivalent combination of education, professional training, or work experience.
* DOD 8570 Compliance, or the ability to quickly obtain the security certifications: Security , and CEH.
* Minimum of three (3) years C&A experience.
* Experience with the use of the DoD Vulnerability Management System (VMS) and Electronic Enterprise Mission Assurance Support Service (eMASS).
* Knowledge of Continuous Monitoring and Risk Scoring (CMRS), Host Based Security Systems (HBSS), and the Assured Compliance Assessment Solution (ACAS).
* Ability to demonstrate strong knowledge of computer security concepts.
* Demonstrated ability to document processes and procedures.
* Initiative and a personal interest in Information Technology Security.
* People skills, and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details.
* Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), GIAC Systems and Network Auditor (GSNA).
* A strong understanding of DOD information assurance policy and regulations.
_Professional Skills:_ * Excellent written and verbal communication skills. * Excellent problem solving skills.
ICF offers an excellent benefits package, an award winning talent development program, and fosters a highly skilled, energized and empowered workforce.
ICF is an equal opportunity employer that values diversity at all levels. (EOE Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity)
Working at ICF Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. ICFtogether for tomorrow.
About ICF ICF (NASDAQ:ICFI) is a global consulting and technology services provider with more than 5,000 professionals focused on making big things possible for our clients. We are business analysts, policy specialists, technologists, researchers, digital strategists, social scientists and creatives. Since 1969, government and commercial clients have worked with ICF to overcome their toughest challenges on issues that matter profoundly to their success. Come engage with us aticf.com.
Requisition ID: /1700002709/