Overview
On Site
Full Time
Skills
Pivotal
Cloud Computing
ISSM
SCA
Authorization
Software Development Methodology
Continuous Integration
Continuous Delivery
Data Flow
Risk Management
Management
Risk Assessment
Configuration Management
Continuous Monitoring
Access Control
Computer Science
Information Systems
Cyber Security
Security Clearance
RMF
Risk Management Framework
FedRAMP
Amazon Web Services
DevSecOps
Network Security
Encryption
Vulnerability Management
Communication
Collaboration
Documentation
CISSP
CISM
Regulatory Compliance
Supply Chain Management
Predictive Analytics
LinkedIn
Artificial Intelligence
Job Details
Overview
BigBear.ai is seeking a Cyber Security Subject Matter Expert (SME) to lead security and compliance efforts for enterprise production systems in a dynamic, cloud-based environment. This role is pivotal in supporting system authorization activities and ensuring secure, scalable, and resilient solutions across the program.
As a Cyber SME, you'll collaborate with cross-functional teams (including Development, Cloud, and DevSecOps) as well as key security stakeholders (ISSO, ISSM, SCA) to drive cybersecurity strategy, implement Zero Trust principles, and maintain Authority to Operate (ATO) or Authority to Connect (ATC).
What you will do
- System Authorization (ATO/ATC): Lead efforts to obtain and sustain ATO/ATC for production systems, ensuring alignment with federal cybersecurity frameworks
- Cross-Team Collaboration: Partner with engineering and DevSecOps teams to embed security throughout the SDLC and CI/CD pipelines
- Architecture & CONOPS Review: Evaluate system architectures, data flows, and CONOPS documentation to ensure compliance with Zero Trust and organizational security policies
- Vulnerability & Risk Management: Track and support remediation of security findings; manage POA&Ms and ensure timely resolution of vulnerabilities
- Cybersecurity Standards Development: Define and maintain enterprise-wide cybersecurity standards, best practices, and implementation guidelines
- Continuous Monitoring & Compliance: Support ongoing risk assessments, configuration management, and continuous monitoring activities
- Zero Trust Implementation: Champion Zero Trust Architecture (ZTA) by guiding identity-centric access control, micro-segmentation, least privilege, and continuous validation strategies
What you need to have
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field (or equivalent experience)
- 5+ years of cybersecurity experience, including 3+ years supporting federal ATO/ATC processes
- Must be able to obtain security clearance with the federal government
- Strong knowledge of NIST RMF, FedRAMP, and Zero Trust Architecture
- Proven experience working with ISSOs, ISSMs, SCAs, and technical teams
- Familiarity with AWS environments and DevSecOps practices
- Solid understanding of network security, IAM, encryption, and vulnerability management
- Excellent communication, coordination, and documentation skills
What we'd like you to have
- Industry certifications such as CISSP, CISM, CAP, or equivalent
- Experience with containerized applications, Infrastructure as Code (IaC), and continuous compliance tools
About BigBear.ai
BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. Customers and partners rely on BigBear.ai's predictive analytics capabilities in highly complex, distributed, mission-based operating environments. Headquartered in McLean, Virginia, BigBear.ai is a public company traded on the NYSE under the symbol BBAI. For more information, visit and follow BigBear.ai on LinkedIn: @BigBear.ai and X: @BigBearai.
BigBear.ai is an equal opportunity employer for all protected groups, including protected veterans and individuals with disabilities.