
Cybersecurity Engineer – Clearance Required
Posted 8 hours ago

Posted 8 hours ago
This is a fully remote position, open to applicants in United States.
• Oversee Risk Management Framework (RMF) initiatives for the LIGER deployment, encompassing system categorization, control selection and customization, implementation, assessment, and ongoing monitoring.
• Take ownership of and maintain authorization documentation: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and relevant documentation in accordance with DHS standards.
• Collaborate directly with ISSOs, Authorizing Officials, and cybersecurity working groups to facilitate Authority to Operate (ATO) and ongoing authorization processes.
• Analyze NIST 800-53 controls in relation to the LIGER platform and convert them into actionable engineering specifications.
• Conduct and evaluate vulnerability scans throughout CI/CD pipelines and runtime environments, prioritize findings, and lead remediation efforts with the engineering team.
• Confirm secure configurations and hardening baselines (e.g., CIS Benchmarks, DISA STIGs) on containers, hosts, and cloud resources.
• Collaborate with platform engineers on cloud and container security in AWS GovCloud, focusing on IAM, network controls, secrets management, logging, and runtime protection.
• Create and sustain security policies, procedures, and standard operating procedures (SOPs) tailored to LIGER on customer infrastructure.
• Monitor audit findings, remediation actions, and POA&M items until resolution.
• Assist in the implementation and inheritance of FedRAMP-aligned controls where applicable.
• Provide guidance to senior LIGER leadership on system risk levels, control effectiveness, and emerging compliance issues for AI/LLM systems in federal settings.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related discipline.
• Over 5 years of experience in designing, implementing, and monitoring cybersecurity solutions within federal contexts.
• More than 5 years of practical RMF experience, including ATO development and continuous monitoring aligned with NIST 800-53.
• Possession of CISSP, CISM, or an equivalent senior-level cybersecurity certification.
• Experience in securing LLM, GenAI, or agentic AI systems, focusing on data handling, prompt and tool-call risks, and model output controls.
• Solid understanding of cloud security, specifically AWS, with experience in GovCloud or other high-compliance environments.
• Proficient in vulnerability management processes: scanning, triage, remediation tracking, and reporting.
• Familiarity with hardening systems to comply with secure baselines such as CIS Benchmarks or DISA STIGs.
• Knowledge of secure software development practices: secrets management, access control, auditability, and CI/CD pipeline security.
• Excellent written communication abilities, including the capability to create ATO artifacts that withstand assessor and AO scrutiny.
• Skill in converting compliance requirements into specific engineering tasks while maintaining close collaboration with developers.
• High Fringe/Full-Time
Datavant
Action1
ClanX
Amentum
Get handpicked remote jobs straight to your inbox weekly.