Cybersecurity Engineer

$132k-$197k
United States - Remote
Cybersecurity, Mid-level

Job description

EMPLOYER IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP.

Role Description:

As a cybersecurity SME within Delivery at Defense Unicorns, you will be responsible for owning all aspects of the RMF process for accreditation of the platform for our mission heroes. You will be expected to champion modern, continuous security implementations within DoD environments and systems (approval processes). Your perpetual goal will be to accelerate the ATO process while simultaneously improving our security posture, thus pushing for cultural change away from security theater and towards responsive and resilient systems. While working within the existing DoD processes, you will also work with other engineers to find the best paths forward and contribute to Unicorn mission capabilities and open source solutions to further streamline ongoing and future efforts.

Responsibilities:

  • Leading and pathfinding the effort to achieve accreditation in accordance with NIST-800 series requirements.
  • Developing and implementing cybersecurity policies, procedures, and controls necessary to meet DoD accreditation standards.
  • Conducting comprehensive risk assessments and vulnerability analyses to identify potential security threats and mitigate risks.
  • Collaborating with cross-functional teams including software developers, system architects, and other Government stakeholders to integrate cybersecurity measures into the software development lifecycle.
  • Performing security testing and evaluation of our software platform to identify vulnerabilities and weaknesses (STIGs, ACAS, CI/CD security testing, etc.).
  • Providing guidance and support to ensure continuous monitoring and maintenance of cybersecurity controls.
  • Preparing and maintaining documentation required for the accreditation process, including System Security Plans (SSPs), Security Assessment Reports (SARs), and other relevant artifacts.
  • Staying up-to-date with evolving cybersecurity threats, technologies, and regulations to proactively address security challenges and compliance requirements.
  • Serving as a subject matter expert on cybersecurity best practices, standards, and procedures within the organization.
  • Supporting automated Compliance-as-Code capabilities that continuously evaluate the cybersecurity posture of the tech stack.

The listed responsibilities are not exhaustive and additional responsibilities may be assigned based on the evolving needs of the organization. We are seeking a dynamic individual who is able to adapt and take on new responsibilities as they arise.

*Job level and salary are contingent on candidate qualifications and interview performance.

Mid: $132,300 - $171,500

Senior: $162,000 - $197,100

Preferred Experience and Qualifications:

  • Proven experience in cybersecurity engineering, with a focus on achieving accreditation for software systems within the DoD environment.
  • Proven track record of thinking outside the box and pushing the boundaries of the RMF/ATO status quo.
  • In-depth knowledge of NIST-800 series standards, particularly NIST-800-53, and experience applying these standards to achieve accreditation.
  • Skilled at translating technical implementation (infrastructure as code and configuration as code) into verifiable eMASS security control responses that Approving Officials (AOs), and their staffs, can understand.
  • Strong understanding of cybersecurity principles, technologies, and best practices, including encryption, authentication, access control, and secure coding practices.
  • Hands-on experience with security assessment tools and techniques, such as vulnerability scanning and security analysis.
  • Familiarity with software development methodologies and practices, particularly Agile and DevSecOps.
  • Excellent analytical and problem-solving skills, with the ability to assess complex systems and identify security risks.
  • Effective communication and interpersonal skills, with the ability to collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders.
  • Eligibility to obtain and maintain a DoD security clearance.
  • Eligibility to obtain and maintain privileged access in a Government Cloud Environment (relevant training and/or certifications).

Desired Experience:

  • Experience building and supporting continuous authority to operate (cATO) packages within the DoD
  • Experience with Open Security Controls Assessment Language (OSCAL)
  • Ability to use OSCAL to manage control implementation and statements as “compliance as code”
  • Understand how products and deployments affect the OSCAL lifecycle from upstream to operations
  • Familiarity with Department of the Air Force (DAF) security approval processes to include AFI 17-101
  • Familiarity with DAF Gov Cloud offerings and inherited controls in Gov Cloud environments
  • Familiarity with the Cloud Computing Security Requirements Guide (CC SRG)
  • Experience working in a remote team or asynchronous work environment where focus, discipline, and comfort navigating/leveraging various communication forms and frequencies to disseminate and prioritize information and keep stakeholders informed

Full compensation packages are based on candidate experience. Compensation ranges are established using national benchmarking data and apply across all geographic locations within the United States.

Remote - USA

$132,300 - $197,100 USD

Who We Are

Defense Unicorns delivers mission value by streamlining software delivery so our customers can focus on the most important challenges. We share a vision of freedom and security for the advancement of progress and innovation. Our commitment to this vision, and to our mission-driven customers, means a commitment to speed, user experience and optionality, without compromising security. Our team is composed of innovators, software engineers, and veterans with decades of experience delivering technology programs across the federal market.

What We Do

We create and deliver secure solutions for continuous software integration and delivery. Defense Unicorns consolidates the best practices for security pipelines, testing, and deployment automation in order to meet the high security requirements valued by mission owners. Our solutions are agnostic by design and we believe that growing a robust ecosystem of secure, cloud-native software solutions can help enterprise customers inside and outside the federal market buy and integrate software more easily.

Who We Serve

Defense Unicorns’ customers are mission-focused leaders across public and private enterprises. We proudly support defense and civil agencies across the U.S. government and we work closely with the creators of leading-edge software solutions to deliver value to the mission-owner by improving the security and consumability of commercial software products.

What We Work On

  • Kubernetes
  • Cloud Environments (AWS/GCP and Azure)
  • Infrastructure-as-code (like Terraform/Pulumi)
  • Continuous Delivery and automation tooling
  • GitOps
  • Containers
  • CNCF projects and open source products and packages
  • Helm/Kustomize-Value Stream Mapping
  • Building and improving security delivery
  • Building Kubernetes and cloud native applications

Benefits Our Unicorns Enjoy

Health:

  • Medical/Dental/Vision
  • Premiums are 100% Company Paid
  • Health Reimbursement Account
  • Life Insurance
  • Disability Insurance

Financial:

  • 401k Retirement Plan
  • Company Stock Options
  • Home Office Budget

Leave:

  • Unlimited paid time off, with a mandatory 10 days off on top of 11 federal government holidays, week of Thanksgiving, last two weeks of December (including New Year’s Day)
  • Paid Parental Leave

Learning:

  • Reimbursement for approved trainings/subscriptions
  • Conferences (travel, lodging, and fees)

Don’t have all the preferred experience or qualifications? Studies show that underrepresented groups like women and people of color are less likely to apply to jobs if they don’t meet every requirement listed.

At Defense Unicorns, we’re committed to diversity. If you’re enthusiastic about the role but don’t match every criterion, we encourage you to apply. You could be the perfect fit for this or another role! Defense Unicorns is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
