• A&A (Assessment & Authorization) Team Lead

    Job ID 2018-1775
    Job Locations
    IT: Information Assurance / Quality / Cyber Security
    Regular Full-Time
  • Overview

    NCI is a leading provider of enterprise solutions and services to U.S. defense, intelligence, health and civilian government agencies. Coupled with a refined focus on strategic partnerships, we are successfully bridging the gap between commercial best practices and mission-critical government processes. Core competencies include:

    • Artificial intelligence
    • Agile digital transformation
    • Advanced analytics
    • Hyperconverged infrastructure solutions
    • Cyber security and information assurance
    • Fraud, waste and abuse
    • Engineering and logistics


    NCI has been designated a 2018 Military Friendly Employer by MilitaryFriendly.com 


    Headquartered in Reston, Virginia, NCI has approximately 2,000 employees operating at more than 100 locations worldwide.


    NCI is seeking an Assessment & Authorization (A&A) Team Lead for the Joint Service Provider's Cyber Security program. The A&A Team Lead supports the organization's information technology system security Assessment & Authorization activities program. This program is critical for validating information technology system's security controls are implemented correctly, operating as intended, producing the desired outcome, and remaining risks are properly identified to the authorizing official and ensures security controls are continuously monitored and re-accreditations occur periodically or whenever there is a significant change to the system or its operation environment. In assuming this position, you will be a critical contributor to meeting NCI's mission: To deliver innovative, cost-effective solutions and services that enable our customers to rapidly adapt to dynamic environments. NCI is always seeking talent and although this position is contingent upon an open position, we encourage you to apply.
    Highlights of Responsibilities:
    • Examining system documentation to determine if the system security plan, or equivalent document, is accurate, updated, and includes a concise description of the information system, confirms security category, identifies potential threats, and ensures security controls are adequately described.
    • Conducting risk assessments to ensure controls and countermeasures are identified to compensate for weaknesses to reduce risk to agency operations, assets, or individuals.
    • At the conclusion of the initial system identification phase, a risk assessment report shall be provided to the COR or GTM.
    • Conducting required Standard Operating Procedures (SOP) activities to include, but not limited to, information system identification and development of the risk assessment report and security assessment plan.



    • Current DoD 8570 IAM III compliant certification (CISM or CISSP preferred)
    • Active Top Secret clearance with DIA adjudicated SCI eligibility
    • Bachelor's Degree in an IT related field with 12 or more years experience in cyber security.
    • 5 to 8 years experience in Certification and Accreditation (C&A) and/or Assessment and Authorization (A&A).
    • 3 to 5 years experience as a Security Control Assessor/Validator
    • 5 or more years of project management experience
    • Expert level experience in RMF and/or DIACAP, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
    Preferred Education and Experience
    • Certification as a Project Management Professional (PMP)


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.