Acuity is a leading management and technology consulting firm that specializes in serving the federal government. Our innovative, collaborative and rewarding work environment has earned repeat honors from the Washington Business Journal’s Best Places to Work and SmartCEO Corporate Culture awards. We are looking for new talent to add to our growing team and are currently hiring additional IA Analyst/Engineer.

 

As an Information Assurance Analyst/Engineer, your role is to develop all required materials to secure cloud computing solutions and obtain initial security authorization, including categorization, contingency plan, incident response plan, policy and procedures. Candidates will be working with other members of the project team to document process/procedure related security control solutions and for development of NIST Risk Management Framework required items to support risk-based decisions. The Information Assurance Analyst/Engineer serves as the liaison with stakeholders in the Department who are responsible for cyber operations, security policy/standards, independent assessment and governance to ensure alignment with Department architecture, policy, and processes

Acuity is a digital strategy and technology consulting firm that serves federal agencies with critical missions. Our experts support projects in the areas of IT Modernization, Data Enablement, and Hyperautomation to help protect our national interests and keep people safe. If you have technical experience and a passion for making a difference, we might be the right fit for you.

• Develop and document system security authorization boundaries for the cloud-based solution and any agency applications within the cloud service.
• Develop and mature the security controls matrix that consolidates all applicable security controls and associated control type, control owners, implementation and status.
• Develop System Security Plans working with the administrators, engineers and other team members to identify strategies for control implementation.
• Develop system-specific policy, process and procedures ranging from access control, vulnerability management, encryption key management and change/configuration management.
• Interpret existing customer agency policies to identify applicability to system and control implementations as well as provide guidance to the security operations and engineering teams to ensure the system is operated as required.
• Depending on skills and aptitude with cloud services and associated security tools, take on elements of implementation to meet compliance requirements (e.g., configuration of audit settings, rules for alerts, monitoring, etc.).
• Develop other security-related documents required for authorization such as system categorization, contingency and incident response plans and privacy impact assessment.
• Assist in the independent assessment of security controls, designing mitigation strategies and developing POA&Ms.
• Prepare materials for security authorization decision.
• Support continuous monitoring of the system through attendance at change management meetings, identifying impacts to security, performing risk assessments and communicating potential impacts with recommendations. Represent the system during ongoing security control assessments and provide updates to key documentation.

Minimum Qualifications:

• At least five (5) years of professional experience performing information assurance, ISSO or security operations duties in support of federal government agencies.
• Experience developing System Security Plans, determining and documenting security control implementation across all families of NIST SP 800-53 Rev 4 (soon to be Rev 5) specifically within a cloud environment.
• Knowledge and experience in writing security policies, procedures, guidance, standards and instructional materials.
• Experience analyzing and documenting security control deficiencies and system vulnerabilities in a cloud environment.

Desired Qualifications:

• One or more of the following certifications: CISSP, CAP, CCSK, CISA, and CISM.
• Experience with Microsoft Azure, Microsoft Azure MAG.
• Strong grasp of cloud computing SaaS, PaaS and IaaS fundamentals with experience developing security plans or conducting assessments of cloud solutions.
• Working knowledge of FedRAMP standards and methods.

Clearance Requirements:

• Active DOD/DSS SECRET security clearance or higher (interim is acceptable).

About Acuity:

 

Acuity, Inc. is a leading management and technology consulting firm that specializes in serving the federal government. Our innovative, collaborative and rewarding work environment has earned repeat honors from the Washington Business Journal’s Best Places to Work and SmartCEO Corporate Culture awards.

 

Why Choose Acuity?

• Innovative Excellence: Recognized by The Washington Post's "Top Workplaces" and a nine-time recipient of the Washington Business Journal's "Best Places to Work," Acuity fosters an environment where innovation thrives and employees flourish.
• Competitive Compensation: We value our employees and show it through highly competitive compensation and benefits packages.
• Personal Growth: Your potential isn't just recognized at Acuity, it's actively cultivated. With tailored training, mentorship, and cutting-edge resources, we empower you to thrive personally and professionally.
• Recognition and Visibility: Stand out in a competitive industry with Acuity's exceptional customer feedback and robust opportunity channels.
• Collaborative Culture: At Acuity, teamwork isn't just a buzzword – it's the cornerstone of our success. Encouragement and support fuel our collaborative culture, where every voice matters.
• Diversity and Inclusion: Diversity isn't just a checkbox – it's who we are. At Acuity, we pride ourselves on recruiting and maintaining a workforce that celebrates diversity and treats every employee with dignity and respect.

Join Acuity, where your talents are valued, your growth is nurtured, and your impact is amplified. Together, let's shape the future of digital strategy and technology consulting.

 

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.