Systems Security Engineer - RMF

Full-Time Onsite | No Travel

This Jobot Job is hosted by: Madeline Lazarus
Are you a fit? Easy Apply now by clicking the "Apply Now" button and sending us your resume.
Salary: $120,000 - $150,000 per year

A bit about us:

We are a defense-focused engineering organization supporting cybersecurity and information assurance initiatives across U.S. Navy environments. Our team specializes in securing critical systems through authorization management, risk mitigation strategies, vulnerability assessment processes, and cybersecurity engineering practices designed to support evolving compliance and operational requirements.

Title: Software Systems Engineer III
Location: Manassas, VA
Salary: $110,000 - $150,000

Why join us?

• Full time salaried position, direct hire, full benefits package
• Annual profit sharing program
• 401k with company match
• Relocation assistance (Sign-On Bonus for moving expenses, generally $2k-$4k)
• Quick interview process
• Great opportunity for career advancement
• Excellent employee tenure on average
• 3 weeks vacation for 1st year (standard, potential to negotiate)
• Medical, Dental, Vision from your first day of work!

Job Details

We are seeking a cybersecurity engineering professional to lead and execute Risk Management Framework activities supporting multiple Navy information systems. This role drives authorization efforts from system categorization through ongoing monitoring while partnering across technical teams to maintain cybersecurity compliance, vulnerability remediation, and authorization readiness.

What you will be doing:
Lead multiple Navy information systems through the full RMF lifecycle.
Develop, submit and maintain complete authorization packages including SSPs, SAPs, SARs, RARs, POA&Ms, architectural diagrams, and hardware/software inventories.
Assess and validate NIST SP 800-53 security controls and develop defensible control implementation narratives to support SCA and AO reviews.
Implement and validate STIG compliance across operating systems, databases, applications, and network components.
Conduct vulnerability scanning and analysis using ACAS/Nessus, SCAP Compliance Checker, and related cybersecurity assessment tools.
Manage POA&M activities including risk characterization, remediation tracking, milestone management, and evidence validation through closure.
Collaborate with system owners, ISSMs, ISSOs, SCAs, AOs, developers, and engineers to support authorization decisions and continuous monitoring activities.
Develop and maintain authorization boundary diagrams, system architectures, data flow mappings, and security documentation.
Support change impact analysis, ongoing authorization activities, and continuous monitoring strategies across multiple systems.
Integrate cybersecurity and assessment activities into Agile development and DevSecOps workflows where applicable.

Must Have:
Bachelor's degree in Cybersecurity, Computer Science, Systems Engineering, Information Technology, or related technical field; equivalent experience may be considered in lieu of a degree.
3-8 years of experience supporting RMF, cybersecurity engineering, information assurance, or systems security engineering activities within DoD environments.
Experience executing the full RMF lifecycle in accordance with NIST SP 800-37 for DoD or Navy information systems.
Strong knowledge of NIST SP 800-53 Rev 4 and/or Rev 5 security controls and control assessment methodologies.
Experience developing RMF artifacts including SSPs, SAPs, SARs, RARs, and POA&Ms.
Proficiency with ACAS/Nessus, SCAP Compliance Checker, STIG Viewer, and vulnerability management processes.
Familiarity with system architectures, authorization boundaries, network diagrams, and secure systems engineering concepts.
Ability to communicate technical security findings and risk determinations to technical and non-technical stakeholders.
Experience supporting multiple concurrent authorization efforts in Agile or fast-paced engineering environments.
Preferred Skills:

Nice to Have:
Experience supporting Navy RMF implementations, NAVSEA processes, or Navy-specific authorization workflows.
Proficiency with eMASS and VRAM.
Experience supporting DoD cloud authorization efforts including IL4-IL6 or FedRAMP environments.
Familiarity with Kubernetes, OpenShift, container security, or DevSecOps CI/CD pipelines.
Relevant certifications such as Security+, CISSP, CAP, CISM, or AWS Security certifications.
Experience supporting SCA evaluations or serving as an ISSE or ISSM.
Strong organizational skills with the ability to independently manage multiple priorities and concurrent efforts.

Interested in hearing more? Easy Apply now by clicking the "Apply Now" button.

Jobot is an Equal Opportunity Employer. We provide an inclusive work environment that celebrates diversity and all qualified candidates receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, age (40 and over), disability, military status, genetic information or any other basis protected by applicable federal, state, or local laws. Jobot also prohibits harassment of applicants or employees based on any of these protected categories. It is Jobot's policy to comply with all applicable federal, state and local laws respecting consideration of unemployment status in making hiring decisions.

Sometimes Jobot is required to perform background checks with your authorization. Jobot will consider qualified candidates with criminal histories in a manner consistent with any applicable federal, state, or local law regarding criminal backgrounds, including but not limited to the Los Angeles Fair Chance Initiative for Hiring and the San Francisco Fair Chance Ordinance.

Information collected and processed as part of your Jobot candidate profile, and any job applications, resumes, or other information you choose to submit is subject to Jobot's Privacy Policy, as well as the Jobot California Worker Privacy Notice and Jobot Notice Regarding Automated Employment Decision Tools which are available at jobot.com/legal.

By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Jobot, and/or its agents and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here: jobot.com/privacy-policy