Today
Public Trust
Colorado Springs, CO (On-Site/Office)
Description:
Assessment and Authorization (A&A) Assessor
OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.
Responsibilities and Duties
OCT currently has an opening for an Assessment and Authorization (A&A) Assessor for Software/SaaS/Hardware to work with our federal client. This hybrid role may require some onsite presence as the client desires for meetings and system support.
This position is contingent upon contract award.
Day to day responsibilities include:
• Conduct cybersecurity assessments on commercial and government software, SaaS products, IT hardware, and web-based solutions to determine compliance with applicable DoD, Air Force, and USAFA cybersecurity policies and control requirements.
• Perform evaluations of acquisition requests and technical artifacts in accordance with AFI 17-101 and USAFA local procedures, assessing potential risk to mission systems, data confidentiality, and operational integrity.
• Coordinate with requestors, cybersecurity stakeholders, and acquisition personnel to gather relevant information and provide timely written recommendations for system integration or risk-based rejection.
• Develop, maintain, and annually review a Standard Operating Procedure (SOP) for all assessment types to ensure consistent evaluation standards and alignment with evolving Air Force and DoD policies.
• Complete and document Privacy Impact Assessments (PIAs) (e.g., DD Form 2930) as required, in collaboration with system owners and in compliance with AFI 33-332, Air Force Privacy and Civil Liberties Program.
• Perform security evaluations for blocked URLs and websites requested for mission access, including the analysis of site risk posture, hosting infrastructure, and data collection practices.
• Deliver formal written assessment reports with cybersecurity recommendations for each request, identifying control gaps, FedRAMP status, PII/PHI risk implications, and potential waiver requirements.
• Maintain and update a monthly tracking log of all active and completed assessments, documenting request status, review findings, and final decisions for audit and oversight purposes.
• Collaborate with ISSOs, ISSMs, and procurement officials to ensure that approved tools and services meet security requirements and can be integrated into RMF processes where needed.
• Advise stakeholders on options for conditional approval, mitigation, or waiver submission where products do not fully meet baseline security requirements but offer mission value.
• Support the broader RMF authorization process by contributing assessment inputs to the development of ATO packages when evaluated products are integrated into larger systems.
• Stay current on FedRAMP, NIST SP 800-171, and CUI handling requirements, and apply them consistently across all assessments of externally hosted or cloud-based solutions.
Requirements:
Qualifications/Requirements
• Must be a U.S. Citizen
• Required Certifications: CSSLP / Security+
• Bachelor of Science degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an Accreditation Board for Engineering and Technology (ABET) accredited or Certified Association Executive (CAE) designated institution preferred.
• At least three years of relevant experience acting as an A&A assessor for software, SaaS, and hardware.
• Must have knowledge of NIST SP 800-171, FedRAMP, CUI handling, software/hardware risk assessment, DoDI 8510.01, AFI 17-101, AFI 33-332.
• Experience with acquisition security reviews, waiver package support, and PIA coordination is preferred.
• Must have Active Tier 3 (or higher) security clearance.
• Proximity to USAF Academy, CO 80840 a plus
Benefits:
OCT offers competitive compensation packages and a full suite of benefits which includes:
• Medical, Dental, and Vision insurance
• Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee's gross salary
• Paid Time Off and Standard Government Holidays
• Life Insurance, Short- and Long-Term disability benefits
• Training Benefits
Salary Range: $50,000 - $250,000 yearly commensurate with experience, education, etc.
About OCT Consulting
OCT Consulting LLC is a minority-owned, Small Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies.
At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. Our practices ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone's contributions are valued and recognized.