Posted today
Top Secret/SCI
Mid Level Career (5+ yrs experience)
Unspecified
IT - Security
Huntsville, AL (On-Site/Office)
Title: Security Engineer (Platform Assurance / Compliance) - Mid-Level
Clearance: TS/SCI
Location: Huntsville, Al
Contact: Cdinnocenti@altaits.com
Overview
We are seeking a Mid-Level Security Engineer specializing in Platform Assurance and Compliance to play a vital role in securing and accrediting our mission-critical cloud-based systems for Federal Government clients. This position requires hands-on security engineering knowledge combined with a deep understanding of federal compliance frameworks.
Key Responsibilities
As a Mid-Level Security Engineer, you will:
• Compliance Implementation: Support and execute tasks related to achieving and maintaining system Authority to Operate (ATO) status under frameworks such as the Risk Management Framework (RMF) and FedRAMP High.
• Security Control Implementation: Apply knowledge of NIST 800-53 controls to define, implement, and verify security configurations across cloud platforms, prioritizing FedRAMP High requirements.
• Cloud Security Engineering: Work directly with engineers to implement secure design patterns within AWS GovCloud, focusing on core security components like IAM, robust encryption (KMS/TLS), and ensuring secure logging pipelines.
• Documentation & Assessment: Assist in drafting and reviewing critical accreditation documentation, including ATO documentation, control statements, risk assessments, and system boundary artifacts.
• Vulnerability Management: Utilize and manage vulnerability scanning tools to identify security weaknesses and collaborate with development teams to track and prioritize remediation efforts.
• Stakeholder Collaboration: Facilitate clear and effective communication between engineering teams, accreditation bodies, and mission stakeholders regarding security posture and compliance status.
Required Qualifications & Expertise
• Experience: Minimum 6+ years of professional experience in cybersecurity engineering, security analysis, or compliance roles.
• Compliance Focus: At least 3+ years of direct experience supporting systems under major federal accreditation frameworks, including RMF, FedRAMP, CJIS, or similar ATO-driven systems.
• Federal Standards: Strong working knowledge of NIST 800-53 controls and FedRAMP High requirements.
• Cloud Security: Experience implementing and verifying security controls within AWS GovCloud environments, specifically focusing on IAM, encryption (KMS/TLS), and reliable logging pipelines.
• Tooling: Familiarity with vulnerability scanning tools and the security review process.
• Documentation: Proven experience writing or contributing to essential ATO documentation, including control statements, risk assessments, and system boundary artifacts.
• Communication: Strong communication skills and experience supporting technical collaboration across multi-disciplinary teams.
Desired Qualifications
• Relevant security certification (e.g., CISSP, CISM, CASP+, Security+).
• Hands-on experience with configuration management tools (e.g., Ansible, Terraform).
• Active Security Clearance (Secret, TS, or TS/SCI).
Clearance: TS/SCI
Location: Huntsville, Al
Contact: Cdinnocenti@altaits.com
Overview
We are seeking a Mid-Level Security Engineer specializing in Platform Assurance and Compliance to play a vital role in securing and accrediting our mission-critical cloud-based systems for Federal Government clients. This position requires hands-on security engineering knowledge combined with a deep understanding of federal compliance frameworks.
Key Responsibilities
As a Mid-Level Security Engineer, you will:
• Compliance Implementation: Support and execute tasks related to achieving and maintaining system Authority to Operate (ATO) status under frameworks such as the Risk Management Framework (RMF) and FedRAMP High.
• Security Control Implementation: Apply knowledge of NIST 800-53 controls to define, implement, and verify security configurations across cloud platforms, prioritizing FedRAMP High requirements.
• Cloud Security Engineering: Work directly with engineers to implement secure design patterns within AWS GovCloud, focusing on core security components like IAM, robust encryption (KMS/TLS), and ensuring secure logging pipelines.
• Documentation & Assessment: Assist in drafting and reviewing critical accreditation documentation, including ATO documentation, control statements, risk assessments, and system boundary artifacts.
• Vulnerability Management: Utilize and manage vulnerability scanning tools to identify security weaknesses and collaborate with development teams to track and prioritize remediation efforts.
• Stakeholder Collaboration: Facilitate clear and effective communication between engineering teams, accreditation bodies, and mission stakeholders regarding security posture and compliance status.
Required Qualifications & Expertise
• Experience: Minimum 6+ years of professional experience in cybersecurity engineering, security analysis, or compliance roles.
• Compliance Focus: At least 3+ years of direct experience supporting systems under major federal accreditation frameworks, including RMF, FedRAMP, CJIS, or similar ATO-driven systems.
• Federal Standards: Strong working knowledge of NIST 800-53 controls and FedRAMP High requirements.
• Cloud Security: Experience implementing and verifying security controls within AWS GovCloud environments, specifically focusing on IAM, encryption (KMS/TLS), and reliable logging pipelines.
• Tooling: Familiarity with vulnerability scanning tools and the security review process.
• Documentation: Proven experience writing or contributing to essential ATO documentation, including control statements, risk assessments, and system boundary artifacts.
• Communication: Strong communication skills and experience supporting technical collaboration across multi-disciplinary teams.
Desired Qualifications
• Relevant security certification (e.g., CISSP, CISM, CASP+, Security+).
• Hands-on experience with configuration management tools (e.g., Ansible, Terraform).
• Active Security Clearance (Secret, TS, or TS/SCI).
group id: COMPHLP
