ICF
Authorization & Accreditation (A&A) Program Lead - Security Clearance Required (
ICF, San Jose, California, United States, 95199
Overview
ICF is seeking an experienced Authorization & Accreditation (A&A) Program Lead to support a Defense Human Resources Activity (DHRA) cybersecurity program. The A&A Program Lead will manage and execute Risk Management Framework (RMF) activities across multiple DHRA information systems, ensuring compliance with DoD and NIST cybersecurity standards. The role provides expert guidance on RMF policy and process implementation, oversees the quality of authorization packages, and serves as the primary RMF point of contact for DHRA system owners and stakeholders. Work Location
Work will be performed on-site in Monterey, CA or Alexandria, VA. Responsibilities
Oversee and manage the RMF lifecycle for DHRA information systems in accordance with NIST SP 800-37, SP 800-53, CNSSI 1253, and DoDI 8510.01. Serve as the primary point of contact for all A&A and RMF activities within the Cyber PRIMES program. Lead, mentor, and coordinate the work of RMF analysts, assessors, and documentation specialists. Develop and maintain key RMF artifacts including Security Assessment Plans (SAPs), System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms). Ensure consistent, compliant implementation of RMF controls and processes across multiple DHRA systems and environments. Review and validate control implementations, risk assessments, and authorization documentation for accuracy and completeness. Interface with Authorizing Officials (AOs), Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) to coordinate authorization packages and schedules. Support continuous monitoring activities, vulnerability management, and risk mitigation planning. Track ATO timelines, renewal cycles, and compliance posture across the DHRA enterprise. Advise program and technical leadership on RMF requirements, control inheritance, and security posture impacts of system changes. Contribute to governance boards and working groups focused on cybersecurity policy, reporting, and tool optimization. Required Qualifications
Bachelor’s degree in a technical discipline (or related field). Minimum 10 years of progressively responsible experience in cybersecurity risk management or RMF execution roles supporting DoD or Federal environments. Experience in RMF policy, processes, and documentation development is required. Must have experience leading A&A or ISSM/ISSO teams through system authorization or reauthorization cycles. Active US Government issued Security Clearance. Due to contract requirements, US Citizenship is required. A current certification in at least one of the following areas is required: CISM, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GICSP, GSLC. Desired Qualifications
Master’s degree in cybersecurity, information systems, or a related technical field. ITIL v4 or equivalent process management certification. Experience supporting DHRA or DoD Component RMF implementations and governance processes. Strong familiarity with eMASS, ACAS, STIG Viewer, and other DoD assessment tools. Demonstrated ability to lead security authorization efforts across hybrid and cloud environments. Excellent communication and stakeholder engagement skills; proven ability to interface with AOs, SCA personnel, and senior leadership. Working at ICF
ICF is a global advisory and technology services provider. We combine expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future. We are an equal opportunity employer, and our employees are empowered to share their expertise and collaborate to achieve personal and professional goals. For more information, please read our EEO policy. Additional Information
We will consider qualified applicants with arrest and conviction records. Reasonable accommodations are available, including for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email candidateaccommodation@icf.com. Read more about workplace discrimination rights or our benefit offerings included in the Transparency in (Benefits) Coverage Act. Candidate AI Usage Policy: The use of AI tools to generate or assist with responses during interviews is not permitted. If an accommodation involving AI is needed, please contact us in advance at candidateaccommodation@icf.com. Pay Range: The pay range for this position based on full-time employment is $130,037.00 - $221,063.00, California Client Office (CA88).
#J-18808-Ljbffr
ICF is seeking an experienced Authorization & Accreditation (A&A) Program Lead to support a Defense Human Resources Activity (DHRA) cybersecurity program. The A&A Program Lead will manage and execute Risk Management Framework (RMF) activities across multiple DHRA information systems, ensuring compliance with DoD and NIST cybersecurity standards. The role provides expert guidance on RMF policy and process implementation, oversees the quality of authorization packages, and serves as the primary RMF point of contact for DHRA system owners and stakeholders. Work Location
Work will be performed on-site in Monterey, CA or Alexandria, VA. Responsibilities
Oversee and manage the RMF lifecycle for DHRA information systems in accordance with NIST SP 800-37, SP 800-53, CNSSI 1253, and DoDI 8510.01. Serve as the primary point of contact for all A&A and RMF activities within the Cyber PRIMES program. Lead, mentor, and coordinate the work of RMF analysts, assessors, and documentation specialists. Develop and maintain key RMF artifacts including Security Assessment Plans (SAPs), System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms). Ensure consistent, compliant implementation of RMF controls and processes across multiple DHRA systems and environments. Review and validate control implementations, risk assessments, and authorization documentation for accuracy and completeness. Interface with Authorizing Officials (AOs), Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) to coordinate authorization packages and schedules. Support continuous monitoring activities, vulnerability management, and risk mitigation planning. Track ATO timelines, renewal cycles, and compliance posture across the DHRA enterprise. Advise program and technical leadership on RMF requirements, control inheritance, and security posture impacts of system changes. Contribute to governance boards and working groups focused on cybersecurity policy, reporting, and tool optimization. Required Qualifications
Bachelor’s degree in a technical discipline (or related field). Minimum 10 years of progressively responsible experience in cybersecurity risk management or RMF execution roles supporting DoD or Federal environments. Experience in RMF policy, processes, and documentation development is required. Must have experience leading A&A or ISSM/ISSO teams through system authorization or reauthorization cycles. Active US Government issued Security Clearance. Due to contract requirements, US Citizenship is required. A current certification in at least one of the following areas is required: CISM, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GICSP, GSLC. Desired Qualifications
Master’s degree in cybersecurity, information systems, or a related technical field. ITIL v4 or equivalent process management certification. Experience supporting DHRA or DoD Component RMF implementations and governance processes. Strong familiarity with eMASS, ACAS, STIG Viewer, and other DoD assessment tools. Demonstrated ability to lead security authorization efforts across hybrid and cloud environments. Excellent communication and stakeholder engagement skills; proven ability to interface with AOs, SCA personnel, and senior leadership. Working at ICF
ICF is a global advisory and technology services provider. We combine expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future. We are an equal opportunity employer, and our employees are empowered to share their expertise and collaborate to achieve personal and professional goals. For more information, please read our EEO policy. Additional Information
We will consider qualified applicants with arrest and conviction records. Reasonable accommodations are available, including for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email candidateaccommodation@icf.com. Read more about workplace discrimination rights or our benefit offerings included in the Transparency in (Benefits) Coverage Act. Candidate AI Usage Policy: The use of AI tools to generate or assist with responses during interviews is not permitted. If an accommodation involving AI is needed, please contact us in advance at candidateaccommodation@icf.com. Pay Range: The pay range for this position based on full-time employment is $130,037.00 - $221,063.00, California Client Office (CA88).
#J-18808-Ljbffr