Cybersecurity Assessment & Authorization (A&A) Engineer

Application

About the Role

Seeking a mid-level Cybersecurity A&A Engineer to develop and maintain applications that support compliance management and security authorization processes for federal information systems. The ideal candidate will have experience in application development within cybersecurity or regulated environments, strong problem-solving skills, and the ability to collaborate with stakeholders to ensure systems meet federal standards and support Authorization to Operate (ATO). This role offers the opportunity to contribute to critical cybersecurity compliance efforts in a dynamic federal context. This position is remote, but you must live in the DC / VA / MD Area.

Job Responsibilities

Design, develop, test, and maintain applications supporting OS Compliance Management and sGRC tools.

Develop technical solutions to automate A&A request workflows and data validation.

Support Plan of Action & Milestones (POA&M) tracking and management functionalities.

Collaborate with system owners and stakeholders to gather requirements and resolve issues.

Create reporting dashboards to provide insights on compliance and risk posture.

Assist in audit and compliance activities by providing accurate data and technical support.

Conduct unit, integration, and system testing to ensure application quality and security.

Recommend and implement process improvements to enhance system performance and security.

Maintain comprehensive documentation and provide training support as needed.

Required Skills

Java C# .NET JavaScript SQL Cybersecurity frameworks (FISMA, NIST 800-series) System integration Configuration management Software development lifecycle Data analysis and reporting

Preferred Skills

Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) ITIL Foundation Agile / Scrum methodologies Security+ certification

Job Requirements

3-5 years of experience in application development, preferably in cybersecurity or compliance domains, and supporting federal or regulated environments.

Proficiency in programming languages such as Java, C#, .NET, JavaScript, and SQL.

Familiarity with cybersecurity frameworks, including FISMA, HHS policies, and NIST 800-series.

Experience with system integration, configuration management, and software lifecycle processes.

Strong analytical and problem-solving skills.

Effective communication skills and ability to work both independently and in cross-functional teams.

Bachelor's degree in Computer Science, Information Systems, Software Engineering, or related field.

Ability to support federal or regulated environment compliance requirements.

Possession or willingness to obtain relevant cybersecurity certifications (e.g., CISSP, CISM, Security+).

Commitment to maintaining documentation and knowledge transfer practices.

Active Public Trust security clearance or ability to obtain one.

Desired Certifications :

Certified Information Systems Security Professional (CISSP).

Certified Information Security Manager (CISM).

ITIL Foundation or Agile / Scrum certification.

Security+ or other relevant cybersecurity certification.

Education Requirements

Degree : Bachelor

Major : Computer Science