Cybersecurity Information Assurance Specialist

• Active Secret security clearance\n
• Bachelors degree in information technology, computer science, engineering, or a related technical discipline\n
• 5 or more years of dedicated Information Assurance experience, with at least three of those years being consecutive, in a DoD cybersecurity environment\n
• Must hold a current certification that meets DoD IAM Level II or IAT Level II baseline requirements (e.g., CISSP, Security+ CE, CISM, CASP+ CE)\n
• Subject matter expertise in securing traditional and cloud-native architectures within AWS cloud environments and authorized Software as a Service (SaaS) solutions\n
• Experience in the review and validation of security and compliance controls defined, executed, and reported through Compliance as Code (CaC) frameworks and tools (e.g., AWS Inspector, Security Hub)\n

ANSER enhances national and homeland security by strengthening public institutions. We provide thought leadership for complex issues through independent analysis, and we deliver practical, useful solutions. ANSER values collaboration, integrity, and initiative and we are client focused in all that we do. Because we were established for the purpose of public service and not for profit, we measure our success in the impact of our service.\n \n \nPosition Summary:\n \n \n

• ANSER is seeking a Cybersecurity Information Assurance Specialist to support the Department of Defense (DoD) in the areas of cybersecurity compliance, risk management, audit governance, and security assessment. In this role you will provide Information System Security Officer (ISSO) support to ensure the confidentiality, integrity, and availability of data residing on or transiting assigned systems\n

\n \nDay to Day Responsibilities:\n \n \n

• Support the automation of security control implementation and evidence collection to achieve and maintain Assess and Authorize (A&A), Assess Only, and Continuous ATO (cATO) accreditations\n
• Manage and maintain systems authorization packages within the eMASS, ensuring they serve as the authoritative Government, Risk, and Compliance (GRC) system of record\n
• Identify and mitigate security weaknesses throughout the system development and operational lifecycle\n
• Perform the role of Security Control Assessor - Validator (SCA-V), conducting independent and compliant security control assessments to support the SCA and help the authorizing official in making timely and risk-informed ATO decisions\n