InfoSec Engineer - Compliance (ATO)

1 hour, 39 minutes ago
Full-time
Senior
DevOps and Infrastructure
Vannevar Labs

Vannevar Labs is a defense company that combines top engineering talent with decades of mission experience to deliver state-of-the-art technology to those in need. They specialize in a foreign text workflow platform, Decrypt, designed for national secu...

Aerospace & Defense
11-50
$87M raised

Description

  • Own and execute the company’s strategy for pursuing ATOs across customers.
  • Lead the end-to-end ATO process for IL-6 (SIPR) and IL-7 (JWICS) environments, including follow-on compliance.
  • Own RMF documentation and control implementation across multiple simultaneous ATOs.
  • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports.
  • Implement, oversee, monitor, and maintain security configurations, practices, and procedures for classified environments.
  • Serve as a liaison between system owners and security personnel to ensure controls are implemented and maintained throughout the project lifecycle.
  • Interface with government ISSMs, AOs, and security stakeholders to manage authorization packages and accreditation tools such as XACTA and eMASS.
  • Design and implement role-based access controls, data classification frameworks, and audit logging capabilities.
  • Architect solutions for handling TS/SCI data with proper controls and separation that meet DoD requirements.
  • Ensure compliance with DISA STIGs, SRGs, NIST 800-53, and DoD hardening standards.
  • Build scalable systems and processes for managing ATOs across different customers and sponsors.
  • Coordinate with platform engineering on security roadmap priorities and technical implementation.
  • Manage relationships with government sponsors and identify opportunities to parallel-path authorization efforts.
  • Partner with mission engineering and compliance engineering teams on deployments to classified environments and FedRAMP/CMMC efforts.
  • Brief executive leadership on ATO status, risks, and strategic decisions.

Requirements

  • 5+ years of experience in information security, with significant time in government or DoD compliance.
  • Must have personally led or been deeply involved in achieving ATOs or DISA provisional authorizations.
  • Direct experience with RMF, NIST 800-53, DISA STIGs, and IL-4/IL-5/IL-6/IL-7 environments.
  • Experience working closely with government ISSMs and AOs to navigate and expedite bureaucratic processes.
  • Experience with XACTA, eMASS, or similar government accreditation platforms.
  • Deep understanding of classified network architectures, including SIPR and JWICS.
  • Experience implementing RBAC, audit logging, and data classification systems.
  • Knowledge of cloud security in AWS GovCloud, Google Government, and Azure Government.
  • Familiarity with container security and Kubernetes/OpenShift in classified environments.
  • Understanding of cross-domain solutions and data transfer between classification levels.
  • Ability to navigate complex government processes and build relationships with government stakeholders.
  • Strong written communication skills for technical documentation and compliance artifacts.
  • Must hold an active U.S. TS Security clearance with SCI eligibility.

Benefits

  • Health, dental, and vision insurance.
  • Remote-friendly work environment with WeWork access.
  • Unlimited PTO, shared downtime during the federal holiday calendar, and company-wide time off at year-end.
  • 401(k) match.
  • Lifestyle and wellbeing stipends.
  • Salary top-up during military reserve duty.
  • Fully paid parental leave.
  • Child and pet care reimbursement during travel.
