Assessment and Authorization Specialist

The Swift Group is a privately held, mission-driven and employee-focused services and solutions company headquartered in Reston, VA. Our capabilities include Software Development, Engineering & IT, Data Science, Cyber Enablement, Logistics, and Training. Founded in 2019, Swift supports Civilian, Defense, and Intelligence Community customers across the country and around the globe.Swift is looking for an Assessment and Authorization (A&A) Specialist to support a dynamic program in Dulles, VA. In this role, you will guide information systems through the Risk Management Framework (RMF) lifecycle, manage security documentation, and serve as a trusted advisor to both technical teams and senior leadership. You will work within a collaborative, mission-focused environment where your expertise in INFOSEC policy, cyber risk, and stakeholder communication directly supports critical security programs.Responsibilities:Lead and execute A&A activities in accordance with the Risk Management Framework (RMF) methodology, ensuring systems meet all applicable security requirements for authorizationManage and maintain document repositories and security databases, ensuring accuracy, completeness, and version control of all A&A artifactsUtilize process tracking and document control software to monitor authorization milestones, track findings, and maintain auditable records of A&A activitiesDevelop, review, and update security documentation including System Security Plans (SSPs), Risk Assessments, and Plans of Action and Milestones (POA&Ms)Deliver clear written communications and briefings on cybersecurity posture, risk findings, and authorization status to both technical teams and senior non-technical leadershipProvide technical guidance and oversight across organizational levels, translating complex cybersecurity concepts into actionable recommendations for diverse audiencesOrganize, plan, and prioritize multiple concurrent tasks and deliverables to ensure on-schedule completion of all A&A milestones and program commitmentsApply in-depth knowledge of INFOSEC policies, regulations, and guidance to ensure compliant and defensible security practicesAssess and advise on cyber risks including malware, zero-day vulnerabilities, and denial-of-service threats, along with associated mitigations across computer and network environmentsBuild and maintain strong working relationships with customers at all organizational levels, delivering excellent service and fostering a collaborative approach to security challengesRequirements:Bachelor's degree in Management Information Systems, Information Assurance, Computer Engineering, or a closely related IT/cybersecurity discipline, or equivalent work experience10+ years of A&A experienceExperience applying the Risk Management Framework (RMF) methodology in a professional environmentExperience managing document repositories and databasesExperience with process tracking and document control softwareStrong writing, communications, and briefing skills with experience presenting to varied audiencesExperience providing technical guidance and oversight to both technical practitioners and non-technical, senior-level personnelProven ability to organize, plan, and prioritize multiple tasks to deliver work on scheduleSolid working knowledge of INFOSEC policies, regulations, and applicable security guidanceWorking knowledge of cyber risks, including malware, zero-day attacks, and denial-of-service attacks, as well as the associated mitigations across computer and network devicesExcellent customer service skills and the ability to collaborate with customers at all levelsUS citizenship and an active TS/SCI with Polygraph security clearance requiredDesired Experience:Demonstrated experience with the Customer's A&A process and associated documentation requirementsCertified Information Systems Security Professional (CISSP) certificationKnowledge of the Customer's standard project cycle, including key phases and governance milestonesDemonstrated experience with the Customer's diverse IT infrastructure, including operating systems, major application systems, and network architectureJ-18808-Ljbffr