CrawlJobs Logo

Cyber Security Assessment & Authorization Analyst

nttdata.com Logo

NTT DATA

Location Icon

Location:
United States , Rockville

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Cyber Security Assessment & Authorization Analyst role at NTT DATA involves leading assessment and authorization efforts for various agency systems, ensuring compliance with NIST standards. Candidates should have a minimum of 8 years of experience in cyber security and a bachelor's degree in a related field. The position requires strong leadership and communication skills, along with expertise in security control assessments and cloud environments.

Job Responsibility:

  • Support a client as an assessment and authorization (A&A) analyst, including A&A efforts for various agency systems
  • Leads the team on ISSO and Assessors in the day to day tasks
  • Maintain responsibility for supporting federal clients obtaining the authority to operate (ATO) for new and modernized systems
  • Serve as senior team lead providing guidance and working with team members in performance/delivery of all assigned A&A efforts
  • Adhere to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans
  • Ensure all supporting artifacts and results will be documented in the A&A repository
  • Performing security controls assessments on security boundaries and producing required security documentation
  • Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, and SP 800-37
  • Experience with continuous monitoring and plans of action and milestones (POA&M) management
  • Experience with assessing systems deployed in Cloud Environments

Requirements:

  • Bachelor's degree in Management Information Systems, Computer Science, or related cybersecurity discipline
  • Minimum 8 years of experience with assessment and accreditation (A&A)
  • Minimum 8 years of experience as a security control assessor or validator
  • Minimum 8 years of experience with maintaining IT security policies, processes, and guidance
  • Minimum 3 years of experience with using GRC tool – CSAM
  • Ability to obtain a Public Trust Clearance

Nice to have:

Experience with using continuous monitoring tools to assist with the automation of assessment efforts and with A&A of cloud-platforms

Additional Information:

Job Posted:
March 19, 2026

Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cyber Security Assessment & Authorization Analyst

Cyber Information Assurance Analyst SME

The Cyber Information Assurance Analyst SME supports the customer by performing ...
Location
Location
United States , Ft. Meade
Salary
Salary:
131000.00 - 155000.00 USD / Year
chickasaw.com Logo
Chickasaw Nation Industries, Inc (CNI)
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess appropriate level of certifications for this position as required by the contract
  • Required DOD Top Secret Clearance with SCI eligibility
  • Bachelor's Degree and a minimum of ten plus (10+) years of experience in systems security, or equivalent combination of education/experience
Job Responsibility
Job Responsibility
  • Performs extensive assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy
  • Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems
  • Assists in the implementation of the required government policy and makes recommendations on process tailoring
  • Supports the formal Security Test and Evaluation required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
  • Periodically conducts of a review of each system's audits and monitors corrective actions until all actions are closed
What we offer
What we offer
  • Medical
  • Dental
  • Vision
  • Company Life Insurance
  • Short-Term and Long-Term Disability Insurance
  • 401(K) Immediate Vesting
  • Professional Development Assistance
  • Legal Aid Assistance Program
  • Family Planning / Fertility Assistance
  • Personal Time Off
  • Fulltime
Read More
Arrow Right

Cyber Information Assurance Analyst - Junior Assessor

The Cyber Information Assurance Analyst supports the customer by performing anal...
Location
Location
United States , Ft. Meade, MD
Salary
Salary:
65000.00 - 70000.00 USD / Year
chickasaw.com Logo
Chickasaw Nation Industries, Inc (CNI)
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • The ability to obtain, maintain and access classified information at the TS/SCI level
  • DoD 8570 IAM/IA Technical (IAT) Level II certification
  • Familiarity with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices
  • Understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253
  • Familiarity with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
  • Strong written and verbal communication skills for reporting assessment findings
  • This position requires travel ~85% CONUS & OCONUS
  • Bachelor's Degree and a minimum of one to two (1-2) years of experience in systems security, or equivalent combination of education/experience
Job Responsibility
Job Responsibility
  • Conducts cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN
  • Evaluates systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing
  • Adheres to policies and processes for each assessment type
  • Supports assessment development and execution to ensure security expertise is properly applied
  • Coordinates logistics, test plans, and scope with the SCA Team Lead
  • Performs vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS
  • Analyzes security gaps and provide mitigation recommendations
  • Validates cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines
  • Provides risk analysis and assessment results for authorization recommendations
  • Participates in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R
What we offer
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • Family Planning/Fertility Assistance
  • STD/LTD/Basic Life/AD&D
  • Legal-Aid Program
  • Employee Assistance Program (EAP)
  • Paid Time Off (PTO) – (11) Federal Holidays
  • Training and Development Opportunities
  • Fulltime
Read More
Arrow Right

Security Incident Management Analyst

The Security Incident Management Analyst is an intermediate level position respo...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA
  • General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
  • Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
  • Working knowledge of VERIS taxonomy
  • Working knowledge of OSI model
  • Working knowledge of security and/or incident response in cloud environments
  • Working knowledge of software development best practices, including agile methods
  • Familiar with Atlassian tools
  • Previous experience working in highly regulated environment
  • Previous experience in a fusion center and/or exposure to large scale incident response
Job Responsibility
Job Responsibility
  • Work as part of a best in class ‘follow the sun’ security incident response team
  • Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes
  • Ensure that the security incident record is complete, accurate and fit for purpose
  • Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel
  • Execute incident response meetings and communicate complex security topics
  • exhibit good judgment and discretion when initiating escalations to all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards
  • Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es)
  • Fulltime
Read More
Arrow Right

Cyber Architect - Info Security Tech Senior Analyst

The Cyber Architect - Info Security Tech Senior Analyst is an intermediate level...
Location
Location
Hungary , Budapest
Salary
Salary:
12211560.00 - 20474640.00 Ft / Month
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Additional technical certifications are preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls
  • Strong knowledge of security for applications related to authentication / authorization, data protection, session management, data validation, and end point protections
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud
  • Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle
  • Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals
  • Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert
  • Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation
  • Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
  • Perform regular assessments based on changes in the threat landscape
  • Provide information security support with related activities during systems development (e.g. authentication, encryption)
  • Identify significant IS threats and vulnerabilities
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right
New

Mid-Level Cyber Security Engineer

We are seeking a Mid-Level Cyber Security Engineer to provide expert cyber domai...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Candidates must meet ONE of the following education/experience combinations: Bachelor’s degree + 12+ years of related experience
  • Master’s degree + 10+ years of related experience
  • Ph.D. degree + 7+ years of related experience
  • 15+ years of related experience without a degree
  • Technical Requirements: Experience conducting site surveys for IT equipment (racks, desktop PC environments)
  • Experience installing IT hardware in 24/7 operational environments
  • Strong understanding of: Cybersecurity assessments
  • Incident response
  • Risk & vulnerability assessment
  • Cyber threat analysis
Job Responsibility
Job Responsibility
  • Cyber Security Engineering & Analysis: Conduct and review complex cybersecurity assessments
  • Identify system vulnerabilities and areas of non‑compliance with cybersecurity standards
  • Recommend mitigation strategies and risk‑reduction approaches
  • Perform research, evaluation, and development in advanced cybersecurity areas
  • Security Operations & Monitoring: Perform and maintain vulnerability scans, generating clear reports for leadership
  • Track and report Information Assurance Vulnerability Management (IAVM) compliance
  • Support incident response teams with domain-specific expertise
  • Maintain a library of security audit tools and related testing processes
  • Risk Management & Compliance: Review and update Authorization to Operate (ATO) documentation
  • Manage and report Plan of Action & Milestones (POA&M) compliance
What we offer
What we offer
  • Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance
  • Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan
Read More
Arrow Right

Senior Cybersecurity Analyst

Astrion has an exciting opportunity for a Senior Cybersecurity Analyst located a...
Location
Location
United States , Washington D.C.
Salary
Salary:
130000.00 - 150000.00 USD / Year
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A master’s degree in a relevant field and ten (10) years of relevant experience in cyber security, information system management, software development, design or authorization
  • A Bachelor’s degree in a relevant field and fifteen (15) years of relevant experience in cyber security, information system management, software development, design or authorization
  • A high school degree, or a GED, and more than twenty (20) years of relevant experience in cyber security, information system management, software development, design or authorization
  • In depth knowledge of all steps in the RMF Process
  • Risk Management Framework (RMF) package development knowledge and can lead efforts to bring platform technology systems through the full lifecycle of the RMF process to achieve/renew an Authorization to Operate (ATO)
  • Knowledge of DoD and DON cyber policies and procedures and/or NIST 800-53, DoDI 8500.01, and DoDI 8510.01
  • Must be flexible in adapting to deadlines, changing schedules, competing priorities, and unpredictable events
  • Demonstrated ability to assign work and manage personnel and tasks
  • Familiar with and able to present data and recommendations to Government and Military leadership
  • Thorough, detail oriented, and organized, with excellent time management skills and ability to prioritize and handle multiple projects at once
Job Responsibility
Job Responsibility
  • Provide cybersecurity expertise to surface combat system program offices
  • Lead efforts to bring Platform Information Technology systems and other systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO)
  • Review RMF package submission to ensure alignment with the NAVSEA Standard Operating Procedures (SOP)
  • Develops, coordinates, and reviews detailed Assessment & Authorization documentation in accordance with DoD Instruction 8510.01 – DoD Information Assurance Assessment and Authorization (A&A) Process (RMF)
  • Review systems scans/tests using the Security Content Automation Protocol (SCAP) Compliance Checker (SCC), and the Assured Content Assessment Solution (ACAS)
  • Work with the NAVSEA, PEO IWS, combat system program offices to ensure DOD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of the integrated combat systems and weapon systems
  • Assist in RMF package development activities as an ISSE or Validator
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
Read More
Arrow Right

Senior Cybersecurity Analyst

Astrion has an exciting opportunity for a Senior Cybersecurity Analyst located a...
Location
Location
United States , Washington D.C.
Salary
Salary:
115000.00 - 130000.00 USD / Year
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A master’s degree in a relevant field and ten (10) years of relevant experience in cyber security, information system management, software development, design or authorization
  • A Bachelor’s degree in a relevant field and fifteen (15) years of relevant experience in cyber security, information system management, software development, design or authorization
  • A high school degree, or a GED, and more than twenty (20) years of relevant experience in cyber security, information system management, software development, design or authorization
  • In depth knowledge of all steps in the RMF Process
  • Knowledge of DoD and DON cyber policies and procedures and/or NIST 800-53, DoDI 8500.01, and DoDI 8510.01
  • Must be flexible in adapting to deadlines, changing schedules, competing priorities, and unpredictable events
  • Ideal candidate has demonstrated ability to assign work and manage personnel and tasks
  • Familiar with and able to present data and recommendations to Government and Military leadership
  • Thorough, detail oriented, and organized, with excellent time management skills and ability to prioritize and handle multiple projects at once
  • Superb verbal and written communication skills
Job Responsibility
Job Responsibility
  • Provide cybersecurity expertise to surface combat system program offices
  • Lead efforts to bring Platform Information Technology systems and other systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO)
  • Review RMF package submission to ensure alignment with the NAVSEA Standard Operating Procedures (SOP)
  • Develops, coordinates, and reviews detailed Assessment & Authorization documentation in accordance with DoD Instruction 8510.01 – DoD Information Assurance Assessment and Authorization (A&A) Process (RMF)
  • Review systems scans/tests using the Security Content Automation Protocol (SCAP) Compliance Checker (SCC), and the Assured Content Assessment Solution (ACAS)
  • Work with the NAVSEA, PEO IWS, combat system program offices to ensure DOD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of the integrated combat systems and weapon systems
  • Assist in RMF package development activities as an ISSE or Validator
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
Read More
Arrow Right

Cloud Assessment Analyst III

The Cloud Assessment Analyst III supports DoD and FedRAMP cybersecurity oversigh...
Location
Location
United States , Ft. Meade
Salary
Salary:
96000.00 - 110000.00 USD / Year
chickasaw.com Logo
Chickasaw Nation Industries, Inc (CNI)
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have an active DoD Top Secret clearance with SCI eligibility
  • DoD 8570 IAM/IA Technical (IAT) Level III certification
  • Strong knowledge and hands-on experience with FedRAMP, NIST SP 800-53, DoD RMF, and related cybersecurity frameworks
  • Proven experience working with Cloud Service Providers (CSPs) in a government or regulated environment
  • Expertise in evaluating security control implementations, conducting Annual Assessments, reviewing POA&Ms, deviation requests, and other artifacts related to risk posture
  • Demonstrated experience using eMASS, and familiarity with other GRC tools used by DoD or federal agencies
  • Solid understanding of vulnerability scanning tools, SIEM platforms, and security monitoring tools
  • Strong analytical skills with the ability to interpret technical data and identify risks and mitigation strategies
  • Excellent verbal and written communication skills to produce technical reports, risk summaries, and briefings for stakeholders including Authorizing Officials (AOs)
  • Experience developing or maintaining Continuous Monitoring (ConMon) plans, reports, and dashboards
Job Responsibility
Job Responsibility
  • Conducts thorough reviews and analyses of Deviation Requests including validations or justifications for security findings
  • Evaluates and develops Monthly One Pagers that summarize the cybersecurity posture of Cloud Service Offerings (CSOs)
  • Performs Annual Assessments to validate the implementation of mandatory security controls across the CSO baseline and assess one-third of the remaining controls annually
  • Prepares and reviews weekly Playbooks to report on the Continuous Monitoring (ConMon) status of designated CSOs
  • Reviews and assesses Security Change Requests (SCRs) that propose new requirements or capabilities for CSOs
  • Analyzes scan data, Plans of Action and Milestones (POA&Ms), and other change artifacts to assess ongoing risk posture changes of Cloud Service Providers (CSPs)
  • Ensures the DoD and FedRAMP monitoring programs enable effective oversight of CSPs by providing risk-based data to inform Authorizing Officials (AOs)
  • Performs ongoing assessments and validations to confirm that security controls are implemented and compliant with DoD and FedRAMP standards
  • Ensures effective operation of system safeguards and controls through a proactive, risk-based monitoring approach
  • Maintains continuous visibility into CSP applications and devices to support data-driven decision-making and adherence to authorized risk thresholds
What we offer
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • Family Planning/Fertility Assistance
  • STD/LTD/Basic Life/AD&D
  • Legal-Aid Program
  • Employee Assistance Program (EAP)
  • Paid Time Off (PTO) – (11) Federal Holidays
  • Training and Development Opportunities
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy