Authorization and Accreditation (A&A) Specialist

Overview

Job Title: Authorization and Accreditation (A&A) Specialist

Job Location: Pensacola, FL (Hybrid)

Position Type: Full-time

Clearance Level: Secret

Foxhole Technology provides robust cybersecurity and IT support capabilities for federal civilian and defense agencies. A recognized leader in navigating technology and security challenges, Foxhole delivers mission-focused innovations to answer evolving and complex needs. Our talented employee-owners provide agile, scalable services and solutions that solve operational gaps, operate critical systems, and protect and secure the enterprise - across the organization and around the world

The Assessment and Authorization Specialist will support DISA's sensing capabilities through the full Risk Management Framework process. This includes supporting system accreditation, maintaining Authority to Operate status, performing compliance scans, sustaining accredited baselines, and ensuring all systems remain fully compliant with DoD cybersecurity policies. The role provides both remote support and required onsite support at DISA's Pensacola site for classified A&A packages.

Job Description

• Develop, update, and maintain RMF documentation including System Security Plans, Security Assessment Reports, and Plans of Action and Milestones.
• Support achieving and maintaining Authority to Operate (ATO) status for the life of the contract.
• Review Government findings monthly, identify mitigations, and submit remediation reports.
• Ensure compliance with all applicable STIGs, SRGs, and IAVA requirements for hardware, firmware, and software.
• Conduct weekly and monthly system compliance scans using approved tools and upload results to DISA reporting systems.
• Remediate STIG and IAVA findings and apply patches, updates, and workarounds in accordance with published IAVA notices and directives.
• Maintain DISA CIO accredited baseline configurations for sensing systems in lab and production environments.
• Ensure deployed systems remain consistent with the authorized baseline unless deviation approval is obtained.
• Update baseline systems monthly with required patches, fixes, and configuration updates.
• Ensure all hardware is labeled with classification level, inventory control number, hardware identification, and that cables are labeled for identification.
• Follow standard rack elevations, wiring diagrams, and configuration guidance as directed by the sensing Program Manager.
• Support continuity of operations, configuration management, operational sustainment, and system evolution activities.
• Maintain documentation related to configuration control, security compliance, inventory, and assessments.
• Provide required onsite support at DISA HQ for classified A&A packages and coordination with Government stakeholders.

Minimum Requirements

• Active DoD Secret clearance required.
• Minimum three (3) years of experience supporting RMF, cybersecurity compliance, information assurance, or A&A activities.
• Experience developing RMF artifacts including System Security Plans, Security Assessment Reports, and POA&Ms.
• Experience working with DISA STIGs, IAVA processes, ACAS, Nessus, SCC, and DISA security compliance systems.
• Experience managing system baseline configurations and maintaining accredited configurations.
• Knowledge of DoD cybersecurity policies including DoDD 8500.1 and DoDI 8510.01.
• DoD 8570 IAT II or IAM I certification required (Security+, CySA+, CISM, CASP, CISSP or equivalent).
• Strong understanding of vulnerability management principles and security control implementation.
• Ability to work both independently and collaboratively in a fast paced, mission focused environment.
• Strong written and verbal communication skills with experience supporting cross functional team.
• Proven ability to lead technical efforts and communicate complex concepts to both technical and non-technical audiences.

Desired Experience/Certifications

• Bachelor's degree in a related field (or equivalent experience).
• Experience supporting DISA, DoD cyber programs, or large scale operational sensor platforms is highly desired.

More Information

#MON

At Foxhole Technology, we are committed to pay transparency as required by law, for our applicants and employee-owners. Actual compensation will be determined based on a number of factors as permitted by law.

Foxhole Technology offers a competitive benefits package for our employees and their dependents, including health, dental, and vision care, paid leave, retirement plans (401K, Roth, and ESOP), life and disability insurance, flexible spending accounts, and education and training assistance.

Requirements of position: Think analytically, effective verbal and written communication skills, make decisions, observe/remember details, interpret data, concentrate on tasks, adjust to change, handle stress/emotions. Regular attendance, maintain work schedule, attend meetings, meet deadlines, keyboard/type, handle confidential information, use math/calculations, stay organized, operate office equipment, may direct others. Must be able to see, have eye/hand coordination, and lift up to 10 lbs. May be exposed to dust/dirt, humidity, and noise.

Foxhole Technology is an Equal Opportunity Employer and makes hiring decisions without regard to race, color, religion, sex (including pregnancy, childbirth and sexual orientation), national origin, age, disability, genetic information, military/veteran status, or any other protected class.