Vannevar - InfoSec Engineer - Compliance (ATO)
Requirements
• Must have personally led or been deeply involved in achieving ATOs or DISA provisional authorizations
• 5+ years in information security, with significant time in government/DoD compliance
• Direct experience with RMF, NIST 800-53, DISA STIGs, and IL-4/IL-5/IL-6/IL-7 environments
• Track record of working closely with government ISSMs and AOs to navigate and expedite bureaucratic processes
• Experience with XACTA, eMASS, or similar government accreditation platforms
• Deep understanding of classified network architectures (SIPR, JWICS)
• Experience implementing RBAC, audit logging, and data classification systems
• Knowledge of cloud security in AWS GovCloud, Google Government, and Azure Government
• Familiarity with container security, Kubernetes/OpenShift in classified environments
• Understanding of cross-domain solutions and data transfer between classification levels
• Ability to navigate complex government processes and build relationships with government stakeholders
• Strong written communication for technical documentation and compliance artifacts
• Must hold an active U.S. TS Security clearance with SCI Eligibility
Responsibilities
• Own and execute our strategy for how we approach ATOs across our customers
• Lead the end-to-end ATO process for IL-6 (SIPR) and IL-7 (JWICS) environments, through full authorization and follow-on compliance
• Own RMF (Risk Management Framework) documentation and control implementation across multiple simultaneous ATOs
• Work with 3PAOs and federal government AOs to achieve compliance certifications and reports
• Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures
• Serve as a liaison between system owners and other security personnel, ensuring that selected security controls are effectively implemented and maintained throughout the lifecycle of projects
• Interface directly with government ISSMs, AOs, and security stakeholders to manage authorization packages and navigate accreditation tools (XACTA, eMASS)
• Design and implement role-based access controls, data classification frameworks, and audit logging capabilities for classified environments
• Architect solutions for handling TS/SCI data with proper controls and separation that meet DoD requirements
• Ensure compliance with DISA STIGs, SRGs, NIST 800-53, and DoD hardening standards
• Build scalable systems and processes for managing ATOs across different customers and sponsors
• Coordinate with platform engineering teams on security roadmap priorities and technical implementation
• Manage relationships with government sponsors and identify opportunities to parallel-path authorization efforts
• Work closely with mission engineering teams deploying to classified environments and partner with compliance engineering on FedRAMP and CMMC efforts
• Brief executive leadership on ATO status, risks, and strategic decisions
Benefits
We’re proud to offer competitive benefits that support our employees. Some key highlights of our benefits package include:
• Health, dental, and vision insurance
• Remote friendly with WeWork access
• Unlimited PTO, shared downtime during the federal holiday calendar, and company-wide off time at the end of each year
• Lifestyle & wellbeing stipends
• Salary top-up during military reserve duty
• Fully paid parental leave
• Child and pet care reimbursement during travel