Cybersecurity Assessment and Authorization (A&A) Specialist jobs in United States
cer-icon
Apply on Employer Site
company-logo

Mission Technologies, a division of HII · 1 day ago

Cybersecurity Assessment and Authorization (A&A) Specialist

positionHanscom AFB, MA
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$86K/yr - $175K/yr
date2+ years exp

Mission Technologies, a division of HII, is seeking a talented Cybersecurity Assessment and Authorization (A&A) Specialist to support the Air Force Cloud and DevSecOps environment. The role involves conducting cybersecurity assessments, ensuring compliance, and collaborating with stakeholders to enhance security posture.

Defense & Space
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Cloud Security: This role will serve as the senior cloud security practitioner in the group. A wide variety of experiences in DevSecOps, cloud engineering, or cloud compliance is necessary. Ability to apply both DoD best practices such as the Cloud Security Requirements Guide and Secure Cloud Computing Architecture is critical. Ability to provide analysis of cloud architecture based on these policies is critical
Assessment: Conduct independent cybersecurity assessments of assigned programs, adhering to the Risk Management Framework (RMF) and Air Force policies. Perform technical testing and validation of cybersecurity posture, based on government and industry best practices, and the implementation of cybersecurity controls. Identify vulnerabilities and recommend remediation strategies to strengthen overall security posture
Authorization: Document assessment findings in a comprehensive Security Assessment Report (SAR). Analyze vulnerability and threat information to identify and enumerate risks. Develop and deliver concise risk reports and briefings to the Authorizing Official and program leadership, ensuring stakeholders understand potential impacts and recommended mitigations. Collaborate with stakeholders to develop and implement effective risk mitigation plans
Provide guidance and support to clients on cybersecurity best practices for their cloud environments. Knowledge of CIS Cloud Security Benchmarks is important for ensuring proper cloud configuration hardening. Ability to use console, parse json, and work towards automating compliance checks is ideal
Utilize industry-leading security tools to identify and mitigate vulnerabilities. Proficiency in cloud native security tools such as AWS Security Hub, Guard Duty, Microsoft Defender or Sentinel
Collaborate effectively with system owners, developers, and stakeholders. Build strong working relationships to ensure security is integrated throughout the system development lifecycle
Communicate technical information clearly and concisely to diverse audiences. Prepare and deliver executive-level briefings and reports to senior management, effectively communicating complex technical topics
Produce high-quality technical documentation. Develop clear, understandable, and actionable reports on diverse technical security and policy issues

Qualification

Cloud SecurityCybersecurity AssessmentsRisk Management FrameworkAWS Security HubCIS Cloud Security BenchmarksDoD 8140 / 8570 certificationVulnerability ManagementTechnical DocumentationCommunication SkillsCollaboration Skills

Required

Experience with one or more cloud providers such as AWS, Microsoft Azure, GCP, or OCI is essential; familiarity with government cloud environments (e.g., Cloud One or CloudWorks) is a plus
Ability to apply both DoD best practices such as the Cloud Security Requirements Guide and Secure Cloud Computing Architecture is critical
Ability to provide analysis of cloud architecture based on these policies is critical
Conduct independent cybersecurity assessments of assigned programs, adhering to the Risk Management Framework (RMF) and Air Force policies
Perform technical testing and validation of cybersecurity posture, based on government and industry best practices, and the implementation of cybersecurity controls
Identify vulnerabilities and recommend remediation strategies to strengthen overall security posture
Document assessment findings in a comprehensive Security Assessment Report (SAR)
Analyze vulnerability and threat information to identify and enumerate risks
Develop and deliver concise risk reports and briefings to the Authorizing Official and program leadership, ensuring stakeholders understand potential impacts and recommended mitigations
Collaborate with stakeholders to develop and implement effective risk mitigation plans
Provide guidance and support to clients on cybersecurity best practices for their cloud environments
Knowledge of CIS Cloud Security Benchmarks is important for ensuring proper cloud configuration hardening
Ability to use console, parse json, and work towards automating compliance checks is ideal
Utilize industry-leading security tools to identify and mitigate vulnerabilities
Proficiency in cloud native security tools such as AWS Security Hub, Guard Duty, Microsoft Defender or Sentinel
Collaborate effectively with system owners, developers, and stakeholders
Build strong working relationships to ensure security is integrated throughout the system development lifecycle
Communicate technical information clearly and concisely to diverse audiences
Prepare and deliver executive-level briefings and reports to senior management, effectively communicating complex technical topics
Produce high-quality technical documentation
Develop clear, understandable, and actionable reports on diverse technical security and policy issues
Strong understanding of information security principles: access control, authentication, system hardening, vulnerability management, and data protection
Practical IT experience across a range of environments and technologies such as Windows and Linux operating systems, containerized platforms, cloud services, and DevSecOps practice
A Secret clearance is required
Must be able to work on customer site at Hanscom AFB and HII office in Concord, MA
Travel estimated at 10% could be required
Cloud Engineer 2 - 2 years' experience with Bachelor's in related field; or High School Diploma and 6 years relevant experience
Cloud Engineer 3 - 5 years' experience with Bachelor's in related field; or High School Diploma and 9 years relevant experience
Cloud Engineer 4 - 9 years' experience with Bachelor's in related field; or High School Diploma and 13 years relevant experience

Preferred

Must have a DoD 8140 / 8570 compliance certification
AWS Certified Security Specialist, AWS Certified Solution Architect, Azure Security Engineer, or similar

Benefits

Best-in-class medical, dental and vision plan choices
Wellness resources
Employee assistance programs
Savings Plan Options (401(k))
Financial planning tools
Life insurance
Employee discounts
Paid holidays and paid time off
Tuition reimbursement
Early childhood and post-secondary education scholarships
Bonus/other non-recurrent compensation is occasionally offered for qualified positions

Company

Mission Technologies, a division of HII

twittertwitter
company-logo
HII’s Mission Technologies division develops integrated solutions that enable today’s connected, all-domain force.
dateFounded in 2011
location
Mclean, Virginia, USA
people-size5001-10000 employees
web-link
https://tsd.huntingtoningalls.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Marc Sosa
Senior Vice President and Chief Information Officer
linkedin

Recent News

Investing.com
Huntington Ingalls awarded $97.7 million contract for USS Harry S. Truman
2025-12-30
The Virginian-Pilot
Hampton mayor announces HII will invest $28M in high-tech manufacturing facility for Newport News Shipbuilding
2025-12-05
Naval News
HII and Shield AI Successfully Combine Proven Autonomy in USV Operations
2025-11-07
Company data provided by crunchbase