InfoSec Engineer - Compliance (ATO)

3 weeks, 1 day ago
Full-time
Senior
DevOps and Infrastructure
Vannevar Labs

Vannevar Labs is a defense company that combines top engineering talent with decades of mission experience to deliver state-of-the-art technology to those in need. They specialize in a foreign text workflow platform, Decrypt, designed for national secu...

Aerospace & Defense
11-50
$87M raised

Description

  • Own and execute the company’s strategy for pursuing ATOs across customers.
  • Lead the end-to-end ATO process for IL-6 (SIPR) and IL-7 (JWICS) environments, including follow-on compliance.
  • Own RMF documentation and control implementation across multiple simultaneous ATOs.
  • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports.
  • Implement, oversee, monitor, and maintain security configurations, practices, and procedures for classified environments.
  • Serve as a liaison between system owners and security personnel to ensure controls are implemented and maintained throughout the project lifecycle.
  • Interface with government ISSMs, AOs, and security stakeholders to manage authorization packages and accreditation tools such as XACTA and eMASS.
  • Design and implement role-based access controls, data classification frameworks, and audit logging capabilities.
  • Architect solutions for handling TS/SCI data with proper controls and separation that meet DoD requirements.
  • Ensure compliance with DISA STIGs, SRGs, NIST 800-53, and DoD hardening standards.
  • Build scalable systems and processes for managing ATOs across different customers and sponsors.
  • Coordinate with platform engineering on security roadmap priorities and technical implementation.
  • Manage relationships with government sponsors and identify opportunities to parallel-path authorization efforts.
  • Partner with mission engineering and compliance engineering teams on deployments to classified environments and FedRAMP/CMMC efforts.
  • Brief executive leadership on ATO status, risks, and strategic decisions.

Requirements

  • 5+ years of experience in information security, with significant time in government or DoD compliance.
  • Must have personally led or been deeply involved in achieving ATOs or DISA provisional authorizations.
  • Direct experience with RMF, NIST 800-53, DISA STIGs, and IL-4/IL-5/IL-6/IL-7 environments.
  • Experience working closely with government ISSMs and AOs to navigate and expedite bureaucratic processes.
  • Experience with XACTA, eMASS, or similar government accreditation platforms.
  • Deep understanding of classified network architectures, including SIPR and JWICS.
  • Experience implementing RBAC, audit logging, and data classification systems.
  • Knowledge of cloud security in AWS GovCloud, Google Government, and Azure Government.
  • Familiarity with container security and Kubernetes/OpenShift in classified environments.
  • Understanding of cross-domain solutions and data transfer between classification levels.
  • Ability to navigate complex government processes and build relationships with government stakeholders.
  • Strong written communication skills for technical documentation and compliance artifacts.
  • Must hold an active U.S. TS security clearance with SCI eligibility.

Benefits

  • Health, dental, and vision insurance.
  • Remote-friendly work environment with WeWork access.
  • Unlimited PTO, shared downtime during the federal holiday calendar, and company-wide time off at year-end.
  • 401(k) match.
  • Lifestyle and wellbeing stipends.
  • Salary top-up during military reserve duty.
  • Fully paid parental leave.
  • Child and pet care reimbursement during travel.
