Posted: 12/28/2021

H2 Performance Consulting is subject to the Vietnam Era Veteran's Readjustment Assistance Act as a Federal Contractor and is an Equal Opportunity/Affirmative Action Employer and strives to build a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Additionally, as mandated under Executive order 12989, H2 is required to verify employment eligibility of selected candidates through the Department of Labor’s - E-Verify.
H2 is seeking an Assessment and Authorization (A&A) Analyst to support the Data Center and Cloud Hosting Services (DC2HS) Component Enterprise Data Centers (CEDC)Team. This is a remote work opportunity.
The Assessment and Authorization (A&A) Analyst will manage customer-required Risk Management Framework (RMF) efforts for Department of Defense (DoD) customers. This role will work collaboratively with Information Technology (IT) Engineers and System Administrators to conduct Cyber Security (CS) analysis, mitigation, remediation, and monitoring to ensure compliance with applicable DoD and Department of the Navy (DON) policies, procedures, and regulations. This position includes all activities associated with obtaining and maintaining RMF Authority to Operate (ATO) for systems within the customer’s multi-faceted network infrastructure, which includes multiple platforms residing on multiple security enclaves.
The position responsibilities include:

  • Manage Plans of Actions and Milestones (POA&Ms) resulting from system vulnerabilities from ACAS scans and STIG checks
  • Maintain package artifacts and test results within eMASS
  • Coordinate with configuration management personnel to process Requests for Change (RFCs) into Use Cases
  • Review and recommend updates to package artifacts such as policies and procedures to address non-compliant controls
  • Assist with annual security reviews to maintain ATOs
  • Identify and coordinate with ATO stakeholders to ensure system documentation reflects current system security configurations to include hardware and software components; data flow; interconnections; and ports, protocols, and services, etc.
  • Develop risk acceptance documentation for pending vulnerabilities
  • Education:  BA/BS or MA/MS
  • Experience:  5 - 7Years Related Professional Experience desired
    • 2+ years performing A&A responsibilities including policy development, control testing, POA&M management, and Configuration Management
    • 8+ years’ experience supporting an IT Enterprise environment in a cyber, system administration, engineering, or management capacity.
    • Experience using MS office tools such as Excel, Word and Visio
    • Experience working with DoD tools such as eMASS
    • Experience working with security engineers to review compliance scans
    • Experience performing cybersecurity assessments using standards such as CIS Benchmarks, DISA STIGS, etc.
    • Broad technical experience related to IT operations, networks, OS's, and system administration
    • Excellent customer service and organization skills
    • Excellent verbal and written communication skills
    • Ability to work both independently and as a member of a team
    • Experience implementing agile practices is a plus
  • Certification(s):
    • DoD 8570 IAT Level II 
  • Security Clearance:  Candidates must be a U.S. Citizen and hold an active Secret security clearance at the time of application.  Will be required to obtain a T5.
Qualified candidates may submit their resume to the career section of our company website at   All resumes will be reviewed within 5 business days and those candidates we wish to further in the application process will be contacted via email/phone to schedule initial phone screens.