Cybersecurity Assessment and Authorization (A&A) Specialist jobs in United States
cer-icon
Apply on Employer Site
company-logo

HII · 1 month ago

Cybersecurity Assessment and Authorization (A&A) Specialist

positionHanscom AFB, MA
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$86K/yr - $175K/yr
date2+ years exp

HII's Mission Technologies division is seeking a talented and motivated Cybersecurity Assessment and Authorization (A&A) Specialist to join their dynamic team. This role focuses on ensuring the security and compliance of IT systems supporting the Air Force, conducting assessments, and collaborating with stakeholders to mitigate risks.

Health CarePublic Safety
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Cloud Security: This role will serve as the senior cloud security practitioner in the group. A wide variety of experiences in DevSecOps, cloud engineering, or cloud compliance is necessary. Ability to apply both DoD best practices such as the Cloud Security Requirements Guide and Secure Cloud Computing Architecture is critical. Ability to provide analysis of cloud architecture based on these policies is critical
Assessment : Conduct independent cybersecurity assessments of assigned programs, adhering to the Risk Management Framework (RMF) and Air Force policies. Perform technical testing and validation of cybersecurity posture, based on government and industry best practices, and the implementation of cybersecurity controls. Identify vulnerabilities and recommend remediation strategies to strengthen overall security posture
Authorization : Document assessment findings in a comprehensive Security Assessment Report (SAR). Analyze vulnerability and threat information to identify and enumerate risks. Develop and deliver concise risk reports and briefings to the Authorizing Official and program leadership, ensuring stakeholders understand potential impacts and recommended mitigations. Collaborate with stakeholders to develop and implement effective risk mitigation plans
Cyber Technical Specialist
Experience with one or more cloud providers such as AWS, Microsoft Azure, GCP, or OCI is essential; familiarity with government cloud environments (e.g., Cloud One or CloudWorks) is a plus
Provide guidance and support to clients on cybersecurity best practices for their cloud environments. Knowledge of CIS Cloud Security Benchmarks is important for ensuring proper cloud configuration hardening. Ability to use console, parse json, and work towards automating compliance checks is ideal
Utilize industry-leading security tools to identify and mitigate vulnerabilities. Proficiency in cloud native security tools such as AWS Security Hub, Guard Duty, Microsoft Defender or Sentinel
Cyber Collaborator
Collaborate effectively with system owners, developers, and stakeholders. Build strong working relationships to ensure security is integrated throughout the system development lifecycle
Communicate technical information clearly and concisely to diverse audiences. Prepare and deliver executive-level briefings and reports to senior management, effectively communicating complex technical topics
Produce high-quality technical documentation. Develop clear, understandable, and actionable reports on diverse technical security and policy issues

Qualification

Cloud SecurityCybersecurity AssessmentsRisk Management FrameworkCloud ComplianceAWSMicrosoft AzureGCPCIS Cloud Security BenchmarksVulnerability ManagementDoD 8140 / 8570 CertificationTechnical DocumentationCommunication SkillsCollaboration Skills

Required

Experience with one or more cloud providers such as AWS, Microsoft Azure, GCP, or OCI
Strong understanding of information security principles: access control, authentication, system hardening, vulnerability management, and data protection
Practical IT experience across a range of environments and technologies such as Windows and Linux operating systems, containerized platforms, cloud services, and DevSecOps practice
Must have a DoD 8140 / 8570 compliance certification
A Secret clearance is required
2 years' experience with Bachelor's in related field; or High School Diploma and 6 years relevant experience for Cloud Engineer 2
5 years' experience with Bachelor's in related field; or High School Diploma and 9 years relevant experience for Cloud Engineer 3
9 years' experience with Bachelor's in related field; or High School Diploma and 13 years relevant experience for Cloud Engineer 4
Ability to apply both DoD best practices such as the Cloud Security Requirements Guide and Secure Cloud Computing Architecture
Ability to provide analysis of cloud architecture based on these policies
Conduct independent cybersecurity assessments of assigned programs, adhering to the Risk Management Framework (RMF) and Air Force policies
Perform technical testing and validation of cybersecurity posture, based on government and industry best practices, and the implementation of cybersecurity controls
Identify vulnerabilities and recommend remediation strategies to strengthen overall security posture
Document assessment findings in a comprehensive Security Assessment Report (SAR)
Analyze vulnerability and threat information to identify and enumerate risks
Develop and deliver concise risk reports and briefings to the Authorizing Official and program leadership
Collaborate with stakeholders to develop and implement effective risk mitigation plans
Provide guidance and support to clients on cybersecurity best practices for their cloud environments
Knowledge of CIS Cloud Security Benchmarks
Ability to use console, parse json, and work towards automating compliance checks
Utilize industry-leading security tools to identify and mitigate vulnerabilities
Proficiency in cloud native security tools such as AWS Security Hub, Guard Duty, Microsoft Defender or Sentinel
Collaborate effectively with system owners, developers, and stakeholders
Communicate technical information clearly and concisely to diverse audiences
Prepare and deliver executive-level briefings and reports to senior management
Produce high-quality technical documentation
Develop clear, understandable, and actionable reports on diverse technical security and policy issues

Preferred

AWS Certified Security Specialist
AWS Certified Solution Architect
Azure Security Engineer
Familiarity with government cloud environments (e.g., Cloud One or CloudWorks)

Benefits

Best-in-class medical, dental and vision plan choices
Wellness resources
Employee assistance programs
Savings Plan Options (401(k))
Financial planning tools
Life insurance
Employee discounts
Paid holidays and paid time off
Tuition reimbursement
Early childhood and post-secondary education scholarships

Company

HII

twittertwittertwitter
Glassdoor3.6
company-logo
HII is committed to delivering capabilities of exceptional quality and safety to our customers, and to the safety, health and welfare.
dateFounded in 2011
location
Newport News, Virginia, USA
people-size10001+ employees
web-link
https://hii.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Julia Evans
Sr. HR Business Partner 4
linkedin
leader-logo
Mark Davis
Chief Operations Officer for the Associate Laboratory Director, Weapons Production , LANL
linkedin

Recent News

GlobeNewswire
HII Expands European Unmanned Operations with New Facility in Portchester, UK
2026-01-12
MarketScreener
HII Hosts Secretary of War Pete Hegseth at Newport News Shipbuilding
2026-01-06
Naval News
HII to Build Small Surface Combatants for US Navy
2025-12-21
Company data provided by crunchbase