Sr. Information Assurance Engineer

About The Position

Requirements

• MA/MS in a related field with a minimum 10+ years of relevant experience, or BA/BS in a related field with a minimum 15+ years of relevant experience.
• Five years’ experience in monitoring, testing, troubleshooting, and performing corrective actions for Cybersecurity IT systems.
• Active Secret security clearance
• U.S. citizenship required.
• CompTIA Security+ Certification
• Direct operational experience with security scanning and vulnerability management tools, specifically Fortify and Amazon Inspector.
• Proficiency with Git and CI/CD orchestration using Azure DevOps (ADO).
• Demonstrates foundational knowledge of the RMF lifecycle, ATO processes, and DoD security methodologies, coupled with a practical understanding of key technologies including defensive cyber event logging, application security, commercial DoD PKI, and AWS/Azure cloud authorization.
• Experience in developing metrics from associated Cybersecurity elements, including trend analysis.
• Ability to provide input to internal project teams consisting of both system users and IT resources as well as functional proponents and Army communities to ensure effective use of IT solutions, tools, and processes.

Nice To Haves

• Prior experience working with ECMA to implement DoD cloud solutions.
• Familiarity with additional code quality and security tools such as SonarQube, Semgrep, or Checkmarx.
• Prior experience transitioning enterprise systems from DoD IL5 to IL6 environments.
• Advanced cloud or security certifications (e.g., AWS Certified Security Specialty, CISSP, CCSP).

Responsibilities

• Lead the design, implementation, and maintenance of advanced security controls within AWS cloud environments operating at DoD IL5, ensuring architectural readiness for future IL6 integration.
• Architect and manage security testing integrations within Azure DevOps (ADO) and Git environments. Embed and automate Application Security (AppSec) into the CI/CD pipeline.
• Administer, utilize, and optimize security testing tools, specifically Fortify and Tenable, to identify, assess, and drive the remediation of code and infrastructure vulnerabilities.
• Conduct continuous compliance auditing and security assessments. Apply foundational (junior-level) knowledge of the DoD Risk Management Framework (RMF) to support the generation and maintenance of artifacts required for Authority to Operate (ATO).
• Analyze complex security scan results, coordinate cross-functionally with development teams to remediate findings, and enforce strict DoD security configuration guidelines (e.g., STIGs, SRGs).
• Provide input to internal project teams consisting of both contract partners and government customer to ensure effective use of IT solutions, tools, and processes.

Benefits

• A competitive compensation package
• Comprehensive health and wellness benefits, including medical, dental, and vision plans
• Access to company-provided retirement savings options with matching contributions
• Opportunities for professional growth and continued learning
• Additional perks such as discounts on various services and products
• Remote work