Charleston, South Carolina


Cyber Assessment & Authorization (A&A) Engineer/Analyst 3

KBR is seeking candidates with Assessment & Authorization experience to join a team supporting the Defense Health Agency (DHA) Security Solutions Division (SDD).


**Note: This position is remote, but candidate must be available for EST conference calls and able to travel (up to 35%) as required by the customer and project leads.

ABOUT THIS POSITION   Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) within the Defense Health Agency to ensure assigned DoD systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications.  Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs.  This position will be a part of a team developing recommended courses of action needed to transition current policies and procedures to the Risk Management Framework (RMF) approved processes.  Provide solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined and solutions require the continuation of specialized theories and knowledge. Serve as Subject Matter Expert (SME) on one or more technologies.


  • BS degree and six (6) years of experience with Information Technology/Information Assurance or twelve (12) years of hands-on experience with Information Technology/Information Assurance.
  • Travel: 30-35%

  • Must possess a CompTIA Security + to start work 
  • OS Certification/Approved Training completed within 180 days of hire 
  • Clearance:  Active Secret clearance

Additional Qualifications: 

  • Experience with DIACAP and RMF in DHA a plus 
  • Experience with Accreditation package management in eMASS a plus 
  • Excellent customer service and organization skills 
  • Excellent oral and written communication skills 

Familiarity with Guidance:  

  • Risk Management Framework 
  • NIST 800 series policies & Guidance 
  • NIST Federal Information Processing Standards (FIPS) 
  • Department of Defense Instructions (DoDI) 
  • Security Technical Implementation Guides (STIGs) 

Familiarity with Toolsets/Technlogies: 

  • STIGViewer, 
  • Vulnerator, 
  • eMASS 
  • Assured Compliance Assessment Solution (ACAS) 

Knowledge in at least one in the following OS/Technologies 

  • Windows 
  • Linux/Unix 
  • Network Devices 
  • Databases – MS SQL , Oracle 
  • VMWare – Virtualization 
  • Web Services 
  • Active Directory / Group Policy 
  • Group Policy 
  • Scripting

Learn more about KBR by visiting

Scheduled Weekly Hours:


KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

Charleston, South Carolina

KBR Government Solutions ensures mission success for customers on land, at sea, in the air, and in space and cyberspace. We create value and drive innovation by combining engineering, technical and scientific expertise with our full life cycle capabilities, mission knowledge and future-focused technologies. We are known for excelling in complex and extreme environments and trusted to overcome the nation’s most pressing challenges. When it’s mission critical, customers call KBR first - We Deliver.