Security Assessment and Authorization Lead

General Dynamics

Quick summary

Work type: On-site
Location: Rockville, MD
Salary: $142,792–$184,000 / yr
Posted: today

Market check

Salary context

Competitive pay

How this pay compares to similar roles

[Chart: this role about $163k; similar roles about $180k; scale from $122k to $219k, with a shaded band marking where most similar roles pay.]

This role pays less than 56% of similar roles. Most pay $149,750–$209,400 — the shaded band above. At the midpoint, this role pays about $163k versus about $180k for comparable roles.

Based on 240 similar postings.

Employer

About General Dynamics

General Dynamics is a global aerospace and defense company offering a broad portfolio of products and services in business aviation, ship construction, land combat vehicles, and information technology. It serves customers in the U.S. government, allied governments, and a diverse array of commercial markets.

General Dynamics currently has 514 open roles on FindRole.

Listed pay typically runs $118,519–$150,385 across 431 roles with salary data.


At a glance

TL;DR · Security Assessment and Authorization Lead

As the Security Assessment & Authorization (SA&A) Lead at GDIT, you will lead the enterprise A&A program, ensuring compliance with NIST RMF and FISMA standards for all information systems. Your responsibilities include managing teams to develop security documentation, conducting readiness reviews, and coordinating third-party assessments. You will provide expert guidance on authorization strategies and support initiatives like boundary optimization and FedRAMP leveraging activities. This role requires a deep understanding of cybersecurity frameworks such as NIST SP 800-37 and experience with eGRC tools like JCAM or Archer. Ideal candidates have at least five years of experience leading A&A programs for NIH, HHS, or similar agencies, along with certifications like CISSP or CISM.

What you'll do

  • Lead execution of RMF phases for assigned systems, including categorization and continuous monitoring.
  • Manage teams developing SSPs, SARs, SAPs, POA&Ms, PTAs, PIAs, eAuth documentation, and contingency plans.
  • Conduct assessment readiness reviews to ensure authorization packages meet quality standards.
  • Provide expert guidance on RMF expectations and authorization strategies for federal leadership.
  • Coordinate IV&V of third-party assessments and review contractor-provided documentation for completeness.

What we're looking for

  • At least 5 years of experience leading FISMA-based A&A programs.
  • Possession of relevant certifications such as CISSP, CISM, or equivalent.
  • Deep understanding and application of NIST SP 800 series standards.
  • Expertise in managing assessment teams and reviewing security documentation.
  • Experience with eGRC tools like JCAM, Archer, CSAM for A&A processes.
  • Strong stakeholder coordination and communication skills for RMF compliance.
