Information Assurance (IA) Engineer

Title: Information Assurance (IA) Engineer

Duration: 12 months + Optional Years

Type: W2 / C2C

Positions: 2 nos (Junior and Senior Level)

Location: This position will be hybrid remote. Candidates will be required to work onsite as needed. Candidates need to be located near Hanscom AFB (Boston, MA) or work in Huntsville, AL.

Education and Years of Experience:

• Junior: Bachelor s Degree and 4+ years or more of experience; Master s and 3+ years or more of experience, additional years of experience may be accepted in lieu of degree.
• Senior: Bachelor s Degree and 8+ years or more of experience; Master s and 6+ years or more of experience, additional years of experience may be accepted in lieu of degree.

Responsibilities:

The Information Assurance (IA) Engineer will provide Risk Management Framework (RMF) engineering and cybersecurity support for the USAF Cloud One (C1) enterprise cloud environment supporting AWS, Azure, Oracle, and Google Cloud Platform at DoD Impact Levels (IL) 2 6. The position directly supports ISSO/ISSM functions, ATO sustainment, continuous monitoring, vulnerability management, and cybersecurity compliance activities in accordance with DoDI 8500.01, DoDI 8510.01 (RMF), AFI 17-101 (RMF), DoD Cloud Computing SRG, and NIST SP 800-53. This role will work closely with Government ISSOs, ISSMs, Authorizing Officials (AOs), Cybersecurity Service Providers (CSSPs), and Cloud One engineering teams to ensure continued ATO compliance, security posture improvement, and rapid remediation of vulnerabilities within the C1 environment.

Job Description:

• Develop, update, and maintain RMF authorization artifacts in accordance with DoDI 8510.01 and NIST SP 800-53.
• Provide RMF-required documentation and artifacts to Government ISSO/ISSM in support of Assessment & Authorization (A&A) activities.
• Maintain and update System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), POA&Ms, and supporting documentation.
• Support migration of security control baselines from NIST SP 800-53 Rev 4 to Rev 5, including control re-mapping, gap analysis, control implementation updates, and SSP/POA&M artifact revisions within DoD RMF processes.
• Support Continuous Authorization to Operate (cATO) within a DevSecOps or cloud-based environment, including implementation of automated control validation, continuous monitoring integration, and real-time POA&M management.
• Support ATO maintenance and sustainment activities for C1 and DPaaS environments.
• Support Authority to Use (ATU) conditions and remediation tracking as directed by the AO.
• Assist Government ISSO/ISSM with maintaining compliance with:

• DoDI 8500.01 (Cybersecurity)
• DoDI 8510.01 (RMF)
• AFI 17-101 (RMF)
• DoD Cloud Computing SRG
• DISA STIG/SRG
• CNSSI 1253

• Support security control assessments, audit readiness, and third-party cybersecurity inspections.
• Maintain audit log configuration, monitoring, and retention compliance.
• Support incident reporting and documentation in accordance with DFARS and .
• Ensure compliance with SCCA and Cloud SRG requirements.
• Support secure configuration of AWS, Azure, Oracle, and Google Cloud Platform cloud environments.

Required Skills:

• Bachelor s degree with 4 8 years of relevant experience, or Master s degree with 2 6 years of relevant experience. Additional years of experience may be considered in lieu of a degree.
• Active Secret clearance at a minimum required to start.
• ship required
• CompTIA Security+ (IAT Level II) or equivalent required

Preferred Skills

• Experience with USAF Cloud One or Platform 1
• Experience with Zero Trust Architecture
• Cloud certifications in AWS, Azure, Google, or Oracle clouds
• Automation experience
• Certifications: CISSP (IAT Level III) or equivalent