InfoSec Engineer - Compliance (ATO)

1 month, 2 weeks ago
Full-time
Senior
DevOps and Infrastructure
Vannevar Labs

Vannevar Labs is a defense company that combines top engineering talent with decades of mission experience to deliver state-of-the-art technology to those in need. They specialize in a foreign text workflow platform, Decrypt, designed for national secu...

Aerospace & Defense
11-50
$87M raised

Description

  • Own and execute the company’s strategy for pursuing ATOs across customers.
  • Lead the end-to-end ATO process for IL-6 (SIPR) and IL-7 (JWICS) environments, including follow-on compliance.
  • Own RMF documentation and control implementation across multiple simultaneous ATOs.
  • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports.
  • Implement, oversee, monitor, and maintain security configurations, practices, and procedures for classified environments.
  • Serve as a liaison between system owners and security personnel to ensure controls are implemented and maintained throughout the project lifecycle.
  • Interface with government ISSMs, AOs, and security stakeholders to manage authorization packages and accreditation tools such as XACTA and eMASS.
  • Design and implement role-based access controls, data classification frameworks, and audit logging capabilities.
  • Architect solutions for handling TS/SCI data with proper controls and separation that meet DoD requirements.
  • Ensure compliance with DISA STIGs, SRGs, NIST 800-53, and DoD hardening standards.
  • Build scalable systems and processes for managing ATOs across different customers and sponsors.
  • Coordinate with platform engineering on security roadmap priorities and technical implementation.
  • Manage relationships with government sponsors and identify opportunities to parallel-path authorization efforts.
  • Partner with mission engineering and compliance engineering teams on deployments to classified environments and FedRAMP/CMMC efforts.
  • Brief executive leadership on ATO status, risks, and strategic decisions.

Requirements

  • 5+ years of experience in information security, with significant time in government or DoD compliance.
  • Must have personally led or been deeply involved in achieving ATOs or DISA provisional authorizations.
  • Direct experience with RMF, NIST 800-53, DISA STIGs, and IL-4/IL-5/IL-6/IL-7 environments.
  • Experience working closely with government ISSMs and AOs to navigate and expedite bureaucratic processes.
  • Experience with XACTA, eMASS, or similar government accreditation platforms.
  • Deep understanding of classified network architectures, including SIPR and JWICS.
  • Experience implementing RBAC, audit logging, and data classification systems.
  • Knowledge of cloud security in AWS GovCloud, Google Government, and Azure Government.
  • Familiarity with container security and Kubernetes/OpenShift in classified environments.
  • Understanding of cross-domain solutions and data transfer between classification levels.
  • Ability to navigate complex government processes and build relationships with government stakeholders.
  • Strong written communication skills for technical documentation and compliance artifacts.
  • Must hold an active U.S. TS Security clearance with SCI eligibility.

Benefits

  • Health, dental, and vision insurance.
  • Remote-friendly work environment with WeWork access.
  • Unlimited PTO, shared downtime during the federal holiday calendar, and company-wide time off at year-end.
  • 401(k) match.
  • Lifestyle and wellbeing stipends.
  • Salary top-up during military reserve duty.
  • Fully paid parental leave.
  • Child and pet care reimbursement during travel.
