HHS A&A Subject Matter Expert (SME)

Rockville, MD - USA

Monthly Salary: Not Disclosed

Posted on: 19 hours ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks an A&A Subject Matter Expert (SME) to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology or related field.
Minimum 810 years of experience supporting federal RMF and A&A programs.
Expert knowledge of NIST SP 800-37 NIST SP 800-53 NIST SP 800-53A and FISMA.
Extensive experience reviewing and approving ATO and ongoing authorization packages.
Hands-on experience with eGRC platforms (e.g. RSA Archer).
Experience briefing senior executives and Authorizing Officials.
Strong written analytical and verbal communication skills.
Active CAP CISSP or CISM (preferred)

Duties:

Serve as the enterprise SME for Authorization & Accreditation (A&A) and ongoing authorization activities.
Oversee and coordinate ATO packages across HRSA to ensure consistency completeness and compliance.
Provide expert guidance on NIST SP 800-37 Rev. 2 FISMA OMB A-130 and HHS authorization policies.
Review and validate SSPs SARs POA&Ms Continuous Monitoring Plans and Risk-Based Decisions (RBDs).
Ensure annual authorization packages and continuous monitoring deliverables meet HRSA timelines.
Support Authorizing Officials (AOs) and senior leadership during authorization decision-making.
Develop and maintain A&A guidance SOPs templates and standard operating procedures.
Coordinate with ISSOs SCAs GRC staff and system owners to resolve authorization issues.
Support enterprise-level ATO tracking dashboards and reporting metrics.
Prepare executive briefings and reports on authorization posture trends and risks.
Support audits OIG reviews and external data calls related to system authorizations.
Identify opportunities to streamline authorization processes and improve quality through automation.