CrawlJobs Logo
NTT DATA Logo NTT DATA · IT - Administration

Cyber Security Assessment & Authorization Analyst

United States, Rockville · Job Posted March 19, 2026
Apply Position
Job Link Share

Job Description

The Cyber Security Assessment & Authorization Analyst role at NTT DATA involves leading assessment and authorization efforts for various agency systems, ensuring compliance with NIST standards. Candidates should have a minimum of 8 years of experience in cyber security and a bachelor's degree in a related field. The position requires strong leadership and communication skills, along with expertise in security control assessments and cloud environments.

Job Responsibility

  • Support a client as an assessment and authorization (A&A) analyst, including A&A efforts for various agency systems
  • Leads the team on ISSO and Assessors in the day to day tasks
  • Maintain responsibility for supporting federal clients obtaining the authority to operate (ATO) for new and modernized systems
  • Serve as senior team lead providing guidance and working with team members in performance/delivery of all assigned A&A efforts
  • Adhere to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans
  • Ensure all supporting artifacts and results will be documented in the A&A repository
  • Performing security controls assessments on security boundaries and producing required security documentation
  • Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, and SP 800-37
  • Experience with continuous monitoring and plans of action and milestones (POA&M) management
  • Experience with assessing systems deployed in Cloud Environments

Requirements

  • Bachelor's degree in Management Information Systems, Computer Science, or related cybersecurity discipline
  • Minimum 8 years of experience with assessment and accreditation (A&A)
  • Minimum 8 years of experience as a security control assessor or validator
  • Minimum 8 years of experience with maintaining IT security policies, processes, and guidance
  • Minimum 3 years of experience with using GRC tool – CSAM
  • Ability to obtain a Public Trust Clearance

Nice to have

Experience with using continuous monitoring tools to assist with the automation of assessment efforts and with A&A of cloud-platforms

NTT DATA - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cyber Security Assessment & Authorization Analyst

8 matching positions

Cyber Security Analyst 3

Amentum is seeking a Cyber Security Analyst 3 for a position on Kauai, HI. Suppo...
Location
Location
United States , Waimea
Salary
Salary:
118000.00 - 128000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in computer science or related discipline w/ 8 years of cybersecurity experience, or AS w/10 years experience
  • Five years of RMF experience
  • DoD 8570/8140: IAM I
  • Must be able to obtain and maintain a Secret US Government Clearance
  • US Citizenship is required
Job Responsibility
Job Responsibility
  • Oversee the execution of the DoDI 8510.01 Risk Management Framework (RMF) for PMRF Information Systems and assist in implementing the DoD Assessment and Authorization (A&A) procedure
  • Perform all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and U.S. Navy Policy
  • Assist with handling of security events/incidents, as they are escalated, including triage, remediation, documentation, and escalation to management and government customers, as well as after-action reviews
  • Oversee the working group meetings including, but not limited to Cyber Security Working Group Meetings and other contractual required meetings
  • Accurately perform security tasks required by the 32 CFR Part 117 National Industrial Security Operating Manual (NISPOM), National Institute for Standards and Technology (NIST) Special Publication 800-37, DoD 8500.1 DoD Information Assurance Certification and Accreditation Process, DOD Instruction 8510.01 Risk Management Framework for DoD Systems
  • Provide periodic self-assessments to Government System Managers (GSM) and regular feedback on routine and non-routine data-calls
  • Provide employee mentorship, team building and training on cyber security concepts, standards, guidance, and policies
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
Read More
Arrow Right

Senior Cyber Security Analyst

At Boeing, we innovate and collaborate to make the world a better place. We’re c...
Location
Location
Australia , Enoggera
Salary
Salary:
Not provided
boeing.com Logo
Boeing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant degree or 6 years+ relevant experience in similar role
  • Prior Defence, aerospace or cyber industry experience (desirable)
  • Effective communication and interpersonal skills, and demonstrated ability to engage, influence and cooperate with a wide range of internal and external stakeholders
Job Responsibility
Job Responsibility
  • Defines, develops, integrates, designs and maintains security technical controls in a variety of IT environments and systems
  • Defines security product specifications tools and techniques for intrusion detection, intrusion prevention, data loss prevention, Encryption of data, Identity/Access management and authentication methods
  • Analyses security designs and recommends design solutions to lower security risk along with being knowledgeable of national and international privacy requirements
  • Reviews design data elements (threat models, data flow diagrams, requirements, etc.) along with known vulnerabilities associated with IT systems and creates designs and recommendations that lower or eliminate security risk
  • Leads the maintenance of the Apache Assessments and Authorisation
  • Capable of attaining AASB Engineering Authority: Design Engineer
What we offer
What we offer
  • Competitive base pay and incentive programs
  • Industry-leading tuition assistance program pays your institution directly
  • Resources and opportunities to grow your career
  • Up to $10,000 match when you support your favorite nonprofit organizations
  • Fulltime
Read More
Arrow Right

Cyber Security Analyst 3

Amentum is seeking a Cyber Security Analyst 3 for a position on Kauai, HI. Suppo...
Location
Location
United States , Waimea
Salary
Salary:
118000.00 - 128000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science or related discipline w/ 8 years of cybersecurity experience, or AS w/10 years’ experience
  • Five years of RMF experience
  • Equivalent years of experience may be substituted in lieu of education
  • DoD 8570/8140: IAM II
  • Must be able to obtain and maintain a Secret US Government Clearance
  • US Citizenship is required
Job Responsibility
Job Responsibility
  • Oversee the execution of the DoDI 8510.01 Risk Management Framework (RMF) for PMRF Information Systems and assist in implementing the DoD Assessment and Authorization (A&A) procedure
  • Perform all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and U.S. Navy Policy
  • Assist with handling of security events/incidents, as they are escalated, including triage, remediation, documentation, and escalation to management and government customers, as well as after-action reviews
  • Oversee the working group meetings including, but not limited to Cyber Security Working Group Meetings and other contractual required meetings
  • Accurately perform security tasks required by the 32 CFR Part 117 National Industrial Security Operating Manual (NISPOM), National Institute for Standards and Technology (NIST) Special Publication 800-37, DoD 8500.1 DoD Information Assurance Certification and Accreditation Process, DOD Instruction 8510.01 Risk Management Framework for DoD Systems
  • Provide periodic self-assessments to Government System Managers (GSM) and regular feedback on routine and non-routine data-calls
  • Provide employee mentorship, team building and training on cyber security concepts, standards, guidance, and policies
  • Other duties and responsibilities as assigned
  • Lifting, Pushing/Pulling 1-10 lbs
  • Work positions requirements: walking, standing, crawling, kneeling, cramped, sitting and work requiring repeated stooping or frequent climbing
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right

Cyber Security Analyst 3

Amentum is seeking a Cyber Security Analyst 3 for a position on Kauai, HI. Suppo...
Location
Location
United States , Waimea
Salary
Salary:
118000.00 - 128000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in computer science or related discipline w/ 8 years of cybersecurity experience, or AS w/10 years' experience
  • Five years of RMF experience
  • DoD 8570/8140: IAM II
  • Must be able to obtain and maintain a Secret US Government Clearance
  • US Citizenship is required to obtain and maintain a Secret Clearance
Job Responsibility
Job Responsibility
  • Oversee the execution of the DoDI 8510.01 Risk Management Framework (RMF) for PMRF Information Systems and assist in implementing the DoD Assessment and Authorization (A&A) procedure
  • Perform all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and U.S. Navy Policy
  • Assist with handling of security events/incidents, as they are escalated, including triage, remediation, documentation, and escalation to management and government customers, as well as after-action reviews
  • Oversee the working group meetings including, but not limited to Cyber Security Working Group Meetings and other contractual required meetings
  • Accurately perform security tasks required by the 32 CFR Part 117 National Industrial Security Operating Manual (NISPOM), National Institute for Standards and Technology (NIST) Special Publication 800-37, DoD 8500.1 DoD Information Assurance Certification and Accreditation Process, DOD Instruction 8510.01 Risk Management Framework for DoD Systems
  • Provide periodic self-assessments to Government System Managers (GSM) and regular feedback on routine and non-routine data-calls
  • Provide employee mentorship, team building and training on cyber security concepts, standards, guidance, and policies
  • Other duties and responsibilities as assigned
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right

Mid Cyber Security Analyst

Mid/Sr. Cybersecurity Analyst. LOCATION: El Segundo, CA / LAAB. JOB STATUS: Full...
Location
Location
United States , El Segundo
Salary
Salary:
135000.00 - 160000.00 USD / Year
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Masters’s degree in business, Information Security, Information Systems, Computer Science, Engineering, or related field
  • Equivalent combination of education and experience may be substituted for degree requirement
  • 5-10 Years experience performing similar job duties for the SCPNT Program Element Officers portfolio or another related SSC Program Element Officer highly desired
  • Experience or knowledge with MOU/SLAs and RMF Policies to support interconnections and compliance with policy management of the systems
  • Excellent and detail-oriented organizational, interpersonal, and communications skills
  • Must have an active and transferrable DoD TS/SCI security clearance with current investigation at the required level
  • Must be able to maintain the required clearance
  • Required Certifications IAW DoD 8570.01-M
Job Responsibility
Job Responsibility
  • Develop, update, accomplish Enterprise Mission Assurance Support Service (eMASS) entries and updates, coordinate and staff A&A packages for SCPNT mission systems
  • Maintain, prepare and distribute SCPNT mission systems A&A schedules and package status reports
  • Register named SCPNT mission systems in ITIPS formerly referred to as the Enterprise Information Technology Database Repository (EITDR) in compliance with the Federal Information Security Management Act (FISMA)
  • Review SCPNT mission systems certification policies, programs, procedures and reports for initial and follow-on system releases, including new and evolving cyber system requirements, and document findings with suggested changes
  • Administer SCPNT mission systems information assurance telecoms and eMASS database updates
  • Review and distribute the Information Assurance Strategy and Continuous Monitoring Strategy
  • Conduct and document Security Test and Evaluation (ST&E) and physical security penetration tests on SCPNT mission systems
  • Revalidate information assurance and cyber controls for accredited SCPNT mission systems, and document findings with suggested changes
  • Assess, as required, Higher Headquarters directed changes in theA&A policy requirements for their impact on mission system security posture or Risk Management Framework authorized systems
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
  • Fulltime
Read More
Arrow Right

Cyber Security Analyst

We are looking for a Lead Cybersecurity Analyst who can take ownership of the or...
Location
Location
Canada , Montréal
Salary
Salary:
Not provided
Farenexus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cloud and application security, with hands-on AWS production environments
  • Strong knowledge of Java (Spring/Spring Boot) and frontend security (Vue.js)
  • Solid understanding of MySQL security and data protection
  • Experience with risk assessment, vulnerability management, and incident response
  • Working knowledge of DPAs, BCP/DR, VAPT, and bug bounty programs
  • Relevant security or cloud certifications such as AWS Security Specialty, CISSP, CISM, or similar
  • Experience with containerized workloads and Kubernetes security
  • Familiarity with modern authentication and authorization approaches such as OAuth2 and OpenID Connect
  • Experience working in agile or Descopes environments
Job Responsibility
Job Responsibility
  • Define and maintain the organization’s security strategy, policies, standards, and architecture principles
  • Act as a security advisor to engineering, product, and leadership teams, ensuring alignment with business and regulatory requirements
  • Design and govern secure AWS architectures, including IAM, networking, and core AWS security services
  • Continuously assess cloud environments and drive remediation of security risks and misconfigurations
  • Lead application security reviews, threat modeling, and risk assessments for Java based backend services and Vue.js frontend applications
  • Embed security into the SDLC through secure coding practices, CI/CD security controls, and vulnerability management
  • Define and enforce data and database security controls, including encryption, access management, and auditing
  • Support compliance, audits, DPAs, BCDR planning, vulnerability assessments, and penetration testing activities
  • Lead incident response processes, security monitoring, and post-incident improvement initiatives
  • Collaborate with engineering and DevOps teams to promote a security-by-design culture and provide practical security guidance
What we offer
What we offer
  • Competitive compensation, benefits, and opportunities for growth
Read More
Arrow Right

Cyber Architect - Info Security Tech Senior Analyst

The Cyber Architect - Info Security Tech Senior Analyst is an intermediate level...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Additional technical certifications are preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls
  • Strong knowledge of security for applications related to authentication / authorization, data protection, session management, data validation, and end point protections
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud
  • Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle
  • Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals
  • Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert
  • Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation
  • Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
  • Perform regular assessments based on changes in the threat landscape
  • Provide information security support with related activities during systems development (e.g. authentication, encryption)
  • Identify significant IS threats and vulnerabilities
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Information Assurance Specialist – III (Information Security Analyst)

Barbaricum is seeking an experienced Information Assurance Specialist III (Infor...
Location
Location
United States , Indianapolis
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Must meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 10yr experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets.(e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&SA process
  • Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on researching, writing, and submitting complete A&A documentation packages for new system authorizations
Job Responsibility
Job Responsibility
  • Assess, implement, and validate cybersecurity controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD cybersecurity requirements
  • Support the Security Assessment and Authorization (SA&A) process by evaluating security controls, identifying risks, and recommending mitigation strategies
  • Develop, review, and maintain Assessment and Authorization (A&A) documentation packages to support system accreditation and authorization efforts
  • Conduct security assessments, vulnerability analyses, and compliance reviews to ensure systems meet federal and DoD cybersecurity standards
  • Collaborate with system owners, engineers, and cybersecurity teams to implement security controls and maintain a strong security posture across enterprise environments
  • Support continuous monitoring activities, including risk assessments, control validation, remediation tracking, and reporting
  • Provide cybersecurity guidance and recommendations related to information assurance, risk management, and regulatory compliance
  • Prepare technical reports, security documentation, and executive briefings to support authorization decisions and stakeholder requirements
  • Ensure compliance with Risk Management Framework (RMF), DoD policies, and applicable government cybersecurity regulations
  • Serve as a subject matter expert on information assurance, cybersecurity controls, accreditation processes, and security compliance initiatives
  • Fulltime
Read More
Arrow Right