Security Assessment & Authorization (SA&A) Lead

Clearance Level
None
Category
Cyber and IT Risk Management
Location
Rockville, Maryland
(Onsite Workplace)
Key Skills For Success

Assessment & Authorization (A&A)

CISM

CISSP

FISMA Compliance

REQ#: RQ223530
Public Trust: NACI (T1)
Requisition Type: Regular
Your Impact

Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well being and support of U.S. citizens.

Job Description

Security Assessment & Authorization (SA&A) Lead

Advance your career while impacting security of our hosting environment as a Security Assessment & Authorization (SA&A) Lead at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.

MEANINGFUL WORK AND PERSONAL IMPACT
As the Security Assessment & Authorization (SA&A) Lead, the work you’ll do at GDIT will be impactful to the mission of the customer. The SA&A Lead is responsible for leading NCI’s enterprise Assessment & Authorization (A&A) program, ensuring that all information systems comply with NIST RMF, FISMA, HHS, and NIH cybersecurity requirements. This senior SME provides technical leadership for system assessments, continuous monitoring, documentation quality, remediation support, and authorization readiness. This role aligns with A&A leadership positions seen in major federal cybersecurity practices.

Bring your program management expertise along with a drive for innovation to GDIT. 

Responsibilities

  • Lead execution of RMF phases for all assigned systems, including categorization, control selection/tailoring, assessment, authorization, and continuous monitoring.
  • Manage teams responsible for developing and reviewing SSPs, SARs, SAPs, POA&Ms, PTAs, PIAs, eAuth documentation, contingency plans, and related artifacts.
  • Conduct assessment readiness reviews and ensure authorization packages meet quality standards.
  • Provide expert guidance to system owners, ISSOs, engineers, and federal leadership regarding RMF expectations and authorization strategies.
  • Coordinate IV&V of third party assessments and review contractor-provided documentation for completeness.
  • Support enterprise-wide initiatives such as boundary optimization, control inheritance, RMF automation, and FedRAMP leveraging activities.
  • Drive process improvements to reduce authorization timelines, improve documentation quality, and enhance cross-team coordination.
  • Support annual control assessments, continuous monitoring activities, and remediation validation.

Qualifications

  • Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field similar in size

  • Experience: 5+ years leading FISMA-based A&A programs plus experience with eGRC tools (e.g., JCAM, Archer, CSAM)

  • Certification: Possess one or more active certifications, for example, CISSP, CISA, CISM, CRISC

  • ITIL Foundations certification (or ability to obtain within 3 months).

  • Security clearance level: the ability to obtain a Public Trust

Skills

  • Deep understanding of NIST SP 800 37, 800 53, 800 30, 800 171, FedRAMP, and HHS/NIH-specific policies

  • Strong experience managing assessment teams and reviewing security documentation

  • Experience supporting assessment programs for NIH, HHS, or similar scientific/health agencies.

  • Experience advising on control inheritance models, enclave ATOs, and enterprise automation.

  • Experience supporting cloud A&A, including AWS, GCP, and SaaS providers.

  • Expert knowledge of NIST RMF and security control assessment

  • Attention to detail and documentation excellence

  • Analytical thinking and risk-based decision support

  • Ability to translate technical risks into actionable remediation plans

  • Strong stakeholder coordination and communication skills
     

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

  • Growth: AI-powered career tool that identifies career steps and learning opportunities

  • Support: An internal mobility team focused on helping you achieve your career goals

  • Rewards: Full benefits, wellness programs, 401K matching, competitive salary, and paid time off.

  • Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in program management at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.
 

Work Requirements

Years of Experience

5 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

Certified Information Systems Security Professional (CISSP) | International Information System Security Certification Consortium (ISC2) - International Information System Security Certification Consortium (ISC2)

ITIL v3 Foundation | PeopleCert - PeopleCert

Travel Required

None

Salary and Benefit Information

The likely salary range for this position is $142,792 - $184,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
View information about benefits and our total rewards program.

Our Identity Verification Process

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during virtual interviews. We reserve the right to take your picture to verify your identity and prevent fraud. By proceeding, you authorize the collection, processing, and use of your biometric data for identity verification and security purposes.

About Our Work

We are GDIT. A global technology and professional services company that delivers technology solutions and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50+ countries worldwide, offering leading mission-ready capabilities in AI, cloud, cyber and software development.

Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans