Authorization and Accreditation Lead

Location: McLean, VA

Department: Application Development

Join our team at Core One! Our mission is to be at the forefront of devising analytical, operational and technical solutions to our Nation's most complex national security challenges. In order to achieve our mission, Core One values people first! We are committed to recruiting, nurturing, and retaining top talent! We offer a competitive total compensation package that sets us apart from our competition. Core One is a team-oriented, dynamic, and growing company that values exceptional performance!

Core One is seeking Authorization and Compliance Lead to support our IC program. This position requires a TS/SCI w/ Poly clearance.

The Authorization and compliance Lead is responsible for implementing and maintaining cybersecurity controls, ensuring compliance with federal regulations, and guiding information systems through the Customer’s A&A process. This role requires a deep understanding of federal cybersecurity standards, proactive engagement with stakeholders, and the ability to operate independently in a fast-paced environment.

Key Responsibilities: 

• Lead and execute activities across all RMF phases (Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor).
• Develop, review, and maintain accreditation artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and POA&Ms.
• Monitor compliance with NIST 800-53, 800-171, ICD 503, FedRAMP, FISMA, and agency-specific policies. Prepare for and support audits, inspections, and assessments.
• Conduct vulnerability scanning, compliance checks, risk assessments, and remediation tracking using tools such as Nessus or Tenable.sc.
• Create and maintain security documentation, continuous monitoring strategies, incident response plans, and compliance reports. Provide briefings and status updates to leadership and Authorizing Officials.
• Collaborate with system owners, engineers, and developers to ensure security is integrated into design, development, and operations.
• Support investigation, response, and remediation of security incidents.
• Manage account recertifications, access reviews, and deliver security awareness training at the system level.
• Serve as the primary cybersecurity point of contact for assigned systems, ensuring clear communication with internal and external stakeholders.

Required Qualifications 

• Bachelor’s Degree, or more advanced degree, in Information Technology, Computer Science, Cybersecurity, Computer Engineering, or Information Systems or related field 
• 5+ years of cumulative experience spanning IT systems administration, cybersecurity compliance, IT system troubleshooting, and incident  
• 6+ years of experience in a role such as Information Systems Security Engineer (ISSE), accrediting Sponsor programs
• Experience with completing new system(s) authorization and accreditation through the Sponsor’s Authorization and Accreditation (A&A) processes, procedures, security requirements, and systems (e.g. Greenlight) 
• Experience using the Sponsor’s A&A process to accredit systems built on C2E or C2S Amazon Web Services
• Experience in security policy, counterintelligence, and security controls
• TS/SCI w/ Poly Clearance 

Desired Qualifications:

• Certified in AWS or equivalent cloud technology 
• Security+, Certified Information System Security 
• Professional (CISSP), Certified Information Security 
• Manager (CISM), or equivalent

Core One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

__PRESENT