Senior Cybersecurity Engineer (Cybersecurity)

TL;DR

Senior Cybersecurity Engineer (Cybersecurity): Managing the full Authority to Operate (ATO) lifecycle for knowledge graph-based data products and ensuring continuous compliance with government regulations and security controls. Focus on utilizing eMASS for RMF processes, implementing NIST SP 800-53/53A controls, and developing comprehensive system security documentation.

Location: Must be based in the US and possess an Active Top Secret (TS) Clearance.

Company

hirify.globaloration is a solution-driven company delivering data insights and technology solutions to customers with missions critical to U.S. national interests.

What you will do

• Serve as the primary security point of contact (ISSM) for assigned Information Systems (IS).
• Manage the full Authority to Operate (ATO) lifecycle, ensuring accurate and timely submission of system security plans (SSPs).
• Utilize eMASS as the official RMF workflow and reporting tool for system registration, control selection, and continuous monitoring.
• Oversee the implementation and assessment of NIST SP 800-53/53A security controls and provide expert guidance on remediation.
• Develop, review, and maintain all system security documentation, including SSPs, POA&Ms, Contingency Plans, and Incident Response Plans.
• Establish and execute a robust Continuous Monitoring (ConMon) strategy and act as the primary security point of contact during security incidents.

Requirements

• 7+ years of experience in Information System Security, with at least 3 years in an ISSM, ISSE, or IS Security Officer role supporting government systems.
• Active Top Secret (TS) Clearance is required.
• Extensive, demonstrable experience using eMASS for the complete RMF process is mandatory.
• Expert-level understanding of the NIST Risk Management Framework (RMF) and its application to Department of Defense (DoD) or Federal systems.
• In-depth familiarity with NIST SP 800-53/53A controls, baselines, and assessment procedures.
• Must possess a current DoD 8140 IAT Level III certification (e.g., CISSP, CASP+, CISM).

Nice to have

• Experience with other security tools, such as vulnerability scanners (Nessus, ACAS), Security Information and Event Management (SIEM) systems, and configuration management tools.
• Familiarity with GovCloud Security and secure DevSecOps practices.

Culture & Benefits

• Opportunity for growth in a collaborative environment.
• Work with cutting-edge technologies to solve complex data challenges.
• Equal Opportunity Employer.
• Reasonable accommodations for qualified individuals with disabilities.