Icon hamburger
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply Now

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.

A&A Analyst

Apex Systems Vienna Contractor
Apply Now

Position: A&A Analyst

Location: Vienna, VA

Duration: Contract to Perm

Clearance: Ability to obtain and hold a Public Trust

If you are interested in being considered for this role, please send your most updated resume in Word document format as well as the best time and number to discuss further over the phone to Sarah St.Martin at Email blocked - click to apply

Job Description:

This role will support the Information System Security Officer (ISSO) of a federal civilian agency. The role will work within a team that supports a wide varieties of security activities including supporting third party assessment and authorization (A&A) efforts under the NIST Risk Management Framework (RMF), review security impact on change requests, review accounts for the systems under their purview, and other duties to ensure compliance with FISMA and other security requirements mandated by the agency.

This individual will provide information to the ISSO so that the proper documentation can be updated, to include the System Security Plans (SSP), Contingency Plans, Business Impact Analyses (BIA), Plan of Action and Milestones (POA&Ms), and other documentation.

Responsibilities and Duties:

  • Facilitate meetings with contractor, Agency and third-party contractor staff to support A&A-related engagements.
  • Track artifact and meeting requests and providing status reports on outstanding items to Agency staff.
  • Coordinate with contractor and Agency staff to provide requested artifacts for A&A-related engagements in a timely manner.
  • Review artifacts provided by contractor staff to ensure requested information have been properly provided and meet appropriate security/privacy requirements.
  • Coordinate vulnerability remediation efforts with contractor and Agency staff in order to remediate findings within specified deadlines.
  • Review policies and procedures for compliance with applicable standards; and to identify areas of improvement for finding remediation
  • Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.
  • Identify potential risks associated with system configurations and advise on mitigation strategies
  • Participate in A&A status meetings and facilitate moving systems toward a successful A&A effort
  • Assist customer program offices in interpreting and applying mitigation strategies
  • Review documentation to ensure compliance with Federal cybersecurity requirements
  • Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in POA&Ms document to ISSO
  • Maintain cybersecurity procedures and processes as assigned
  • Able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs
  • Communicate the security posture of systems through designated reporting mechanism

Required Skills:

  • 5 or more  years of IT Security experience
  • Experience developing A&A documentation from scratch and performing assessments; RMF step 1 through 4
  • Experience supporting ISSOs or acting as one
  • Familiar with NIST publications, specifically RMF and NIST controls
  • Familiar with dealing with defense-in-depth, and other information security and assurance principles and associated supporting technologies
  • Excellent customer service and organization skills
  • Excellent oral and written communication skills
  • Must be able to review artifact and meeting requests and determine correct contractor personnel based on requested information
  • Must be highly organized and detail oriented
  • Must be able to take initiative and work independently or as a member of a team.
  • Must demonstrate proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment

Desired Skills:

  • Experience working with Security engineering to review Nessus Vulnerability / Tripwire compliance scans
  • Experience performing on-site cybersecurity assessments using Standards such as CIS Benchmarks, DISA STIGS, etc.
  • Broad technical experience related to IT operations, networks, OS's, and system administration

Education and Experience:

  • Bachelor's Degree in IT, Cyber Security, Computer Science, or related field preferred and 5+  years of experience 
  • 5+  years of experience in the following areas: Cybersecurity policy, procedures, and processes, including RMF and NIST 800-53 and A&A's
  • Experience using with Microsoft Office (Word, Excel, Visio, PowerPoint, MS Project), MS SharePoint
  • One or more of the following certifications preferred (Security+, CAP, CISSP, CISM, GSEC, GCIH, or GSLC)

Must have the ability to obtain a Public Trust Clearance prior to starting work

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178


Recommended skills

Cyber Security
Information Security
Giac Certified Incident Handler
Federal Information Security Management Act
Certified Information Security Manager


Salary Estimator

Based on Job Title, Location and Skills
Below Avg. Average Above Avg.

Career Path

See the next step in your career
A&A Analyst
Estimated Salary: $91K
Apply to this job.
Think you're the perfect candidate?
Apply Now

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: 985094


For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.


Apex Systems is a division of the 2nd largest IT staffing and services firm in North America. From consulting to staff augmentation, we connect top tech talent with great companies in all industries.


Apex earned Inavero’s Best of Staffing™ Client Diamond and Talent Awards for providing superior service to clients and job seekers, putting the company in the top 2 percent of all U.S. staffing agencies.


We take the time to understand a candidate’s talents and needs to ensure a good match with companies for contract, contract-to-hire, and direct hire positions. Each recruiter within Apex is focused on a specific skill area within infrastructure, applications, and project management. This focused discipline enables our local recruiters to work directly with our candidate’s and focus their talent on the right position at the right time.


We serve Fortune 500, mid-market, and emerging companies from a wide variety of industries, including communications, energy, financial services, government services, healthcare, technology, and utilities. 


Apex has branches in over 70 locations across the U.S. and Canada and more than 1,000 employees dedicated to supporting the needs of our clients and contract team members. Visit www.apexsystems.com to find a local branch or connect with an Account Manager or Recruiter.

View the full profile