Get new similar jobs by email for

Security A&A (Assessment & Aut...

By continuing you agree to Monster's Privacy policy, Terms of use and use of cookies.

Job Summary

Knowledge Consulting Group
Washington, DC 20002
Computer/IT Services
Job Type
Full Time
Years of Experience
2+ to 5 Years
Education Level
Bachelor's Degree
Career Level
Experienced (Non-Manager)
Job Reference Code

Security A&A (Assessment & Authorization) Engineer (focus on Cloud Security)

About the Job

Knowledge Consulting Group (KCG) is one of the largest privately held cybersecurity services firms in the United States; serving as a Federal Government Contractor and supporting Commercial customers. We operate as a trusted cyber advisor to our customers across the country. We take great pride in maintaining a single focus on being the leader in cybersecurity services, providing risk management, governance, operations, and compliance services, utilizing our CISO framework methodology. We are uniquely positioned as a trusted cyber advisor with over 90 percent of our cyber professionals holding security clearances and security-specific certifications. With over 12 years of experience in providing cybersecurity services to our customers, we have a strong record of past performance in advising and executing cyber missions for all types of organizations and sectors. 

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Candidates must possess an Interim Secret clearance and be clearable to the Top Secret level.

  • Must understand NIST special publications and be able to quickly become familiar with client-specific policies and procedures for conducting security related tasks
  • Must have the ability to develop security assessment plans, perform securtiy assessments, and then develop secruity assessment reports.
  • Must be able to develop technical evaluation plans and be able to assess risks using an approved methodology
  • Must be able to document and develop/deliver briefings that address risks, associated severity, and recommended countermeasures
  • Must be able to perform security assessment activities throughout the year through Continuous Monitoring activities such as review of policies, procedures, system changes and control effectiveness.
  • Must be able to summarize the results of all assessment activities and testing that has taken place in reporting designed by the Contractor to adequately inform client on matters of information security risk.
  • Must be able to assist in identifying, integrating with and/or leveraging government-wide Continuous Monitoring capabilities and initiatives such as the Continuous Diagnostics & Monitoring (CDM) program.        

The successful candidate will have 2+ years of Security Assessment and Authorization experience and a Bachelor’s Degree in related field. If no degree, then must possess 6 years of related experience.  Must possess experience with NIST standards.  Experience with Cloud Security is a must; FedRAMP is a plus.

This includes experience executing the full life-cycle of C&A activities including: defining the certification boundary, performing formal and technical risk assessments, developing and executing Security Test and Evaluation (ST&E) requirements, and developing Systems Security Plans (SSP), and/or Systems Security Authorization Agreements (SSAA) in accordance with federal and industry directives, guidelines, and best practices.

Additionally, the candidate must have experience establishing and implementing processes and procedures related to continuous monitoring/ on-going security authorizations in accordance with NIST 800-137. The candidate must be familiar with government-wide Continuous Monitoring capabilities and initiatives such as the Continuous Diagnostics & Monitoring (CDM) program.  

Additionally, this candidate must:

  1. Communicate effectively through strong written and verbal means to co-workers and senior leadership as well as to various levels of clients.
  2. Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously.
  3. Ability to assess and weigh current and evolving security risks in an operational environment.
  4. Familiarity with FIPS and NIST 800 series documentation
  5. Proven problem management skills with the ability to think critically – Use logic and analysis to identify the potential enhancements and flaws in security measures.
  6. Ability to resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
  7. Strong presentation and consulting skills.
  8. Strong technical skills.

Strong verbal and written communication skills are highly preferred.  It is highly desired that candidates possess strong interpersonal skills.  Candidates must be fluent in the English language. 

Candidates may be asked to provide a writing sample.

Knowledge Consulting Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status.

If interested in the position, please apply directly through our website:



If you have questions or have trouble applying, you may contact:  katie.hanson@knowledgecg.com.


Job Tools

  • Follow Company
    Your information may be shared with the company.
  • Following Company
  • Print
  • Share
  • Report this job