Security / RMF Engineer

2 days, 19 hours ago
Full-time
Mid Level
DevOps and Infrastructure
ARETUM

Leading government contractor providing technology-enabled mission support services to federal agencies worldwide.

Construction & Engineering

Description

  • Develop and maintain RMF documentation including System Security Plans (SSP), Plans of Action & Milestones (POA&M), and Security Assessment Report (SAR) inputs.
  • Map and implement security controls across application, infrastructure, and cloud system layers.
  • Manage and support the Authority to Operate (ATO) lifecycle, including authorization workflows and POA&M tracking.
  • Coordinate and communicate with VA security stakeholders and other agency contacts on compliance and authorization matters.
  • Support vulnerability management activities including scanning, prioritization, remediation tracking, and verification.
  • Enable and maintain continuous monitoring and compliance processes, including logging/monitoring and SIEM integration.
  • Integrate security into development and deployment processes (DevSecOps) and perform risk assessments to identify and document system risks and mitigations.

Requirements

  • Knowledge of RMF and NIST SP 800-53 control families and tailoring.
  • Experience with ATO processes, including SSP development, POA&M management, and authorization workflows.
  • Familiarity with ServiceNow GRC or similar governance, risk, and compliance tracking tools.
  • Cloud security experience, particularly AWS security controls and the shared responsibility model.
  • Identity & Access Management knowledge, including RBAC, least-privilege, and federation concepts.
  • Encryption and key management experience, including TLS, data-at-rest encryption, and KMS.
  • Vulnerability management experience with scanning tools and remediation workflows.
  • Logging and monitoring experience with SIEM concepts and tools (e.g., Splunk, Datadog).
  • Awareness of compliance standards and network security concepts such as HIPAA, FISMA/FedRAMP basics, segmentation, ingress/egress controls, and TIC.
  • U.S. citizenship required; ability to obtain and maintain Public Trust or suitability determination; position is remote with occasional travel expected (less than 10%).

Benefits

  • Health care plan (medical, dental, and vision).
  • Retirement plan (401k).
  • Life insurance (basic, voluntary, and AD&D).
  • Paid time off.
  • Family leave (maternity and paternity).
  • Short-term and long-term disability coverage.
  • Training and professional development opportunities.
