Designated Authorizing Official Representative Job Listing at SPA in Chantilly, VA (Job ID 2024-18148)

Description

Qualifications

Required:

• Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD.
• Current U.S. Government Top Secret/ SCI with Poly
• Bachelors of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification
• DoD 8570 certification in IAT or IA
• Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation
• Able to work in a team environment

Desired:

• Self-starter requiring limited direction and supervision
• Experience briefing senior customer personnel
• Ability to organize and prioritize numerous customer requests in a fast pace deadline driven environment
• Familiarity with Amazon Web Services (AWS)
• Familiarity with customer's IA processes
• Experience with ServiceNow
• Familiarity with Cross Domain Systems (CDS)
• Experience supporting IC or DoD in the Cyber Security Domain

The Delegated Authorizing Official Representative (DAO-R) provides support to the customer in the area of Cyber Security.  Daily tasks include, but are not limited to: 

• Ensure adherence to ICD-503 and customer specific directives/policies through the lifecycle (RMF 1-6) of customer sponsored assets.
• Provide risk recommendations to the customer after reviewing sponsored asset overall risk posture as part of Authority to Operate (ATO) RMF process.
• Manage/track customer sponsored assets' plan of action and milestones (POAMs) by working with various security stakeholders (ISSO/ISSE/ISSM/SCA) post authorization.
• Screen new asset requests to ensure sponsorship and information system owner identification.
• Facilitate System Review Team to ensure that new/existing customer sponsored assets have the correct project regulation, data types/C-I-A impact assignments, and overlay assignments as well (with customer signoff).
• Assign asset security controls and levy asset specific liens on controls for which the program did not meet during accreditor reviews.
• Ensure customer sponsored assets maintain their security postures in accordance with customer identified Continuous Monitoring (RMF step 6) directives and policies.
• Provide continuous adhoc authorization-related daily support to both customer and programs.