Information Assurance Engineer

Job not on LinkedIn

November 20

Apply Now

Receive Emails with Similar Jobs

Simplesense

WebsiteLinkedInAll Job Openings

Cybersecurity • Government • Security

Simplesense is a company that focuses on protecting critical infrastructure from cyber threats by deploying the proven Installation Resilience Platform. Their platform applies zero trust principles to Operational Technology and Control Systems (OT/CS), providing features such as segmentation, encryption, and continuous monitoring to enhance resilience against cybersecurity threats. Simplesense has secured the first ongoing Authority to Operate (ATO) for an Air Force industrial control system, showcasing their capability to rapidly secure and deploy solutions across multiple locations. Their solutions integrate sensor and system data for better mission readiness, using industry-leading partners and scalable technology stacks. Simplesense leverages their deep experience in agile methodology and compliance with the latest Department of Defense zero trust architecture for more efficient and secure deployments.

11 - 50 employees

🔒 Cybersecurity

🏛️ Government

🔐 Security

💰 $629.1k Seed Round on 2020-12

📋 Description

• Support the full RMF A&A lifecycle to achieve and maintain the system Authority to Operate (ATO) with DOD. • Develop, author, and maintain all core A&A documentation (e.g., SSP, system diagrams, ConMon plans) within the system’s eMASS record, ensuring all controls, artifacts, and package details are accurate. • Coordinate with key stakeholders, including Information System Owners, ISSMs, external assessors, and the Authorizing Official Designated Representative (AODR), providing strategic guidance and responding to data requests to ensure the success of all Authorization to Operate (ATO) processes. • Conduct security assessments, including vulnerability scans, DISA STIG validation, and security control testing. Work with engineering and support teams to facilitate the remediation of identified vulnerabilities and Plans of Action and Milestones (POAMs). In all phases of the RMF process, work to eliminate manual processes with automation. • Perform continuous monitoring and incident response by leveraging SIEM tools (e.g., Splunk) for log analysis and dashboard creation, conducting vulnerability scans, proactively investigating potential threats, and updating all compliance documentation. • Administer and maintain enterprise security tools and platforms (e.g., SIEM, EDR, vulnerability scanners), ensuring operational integrity, scalability, and alignment with organizational security policies • Provide technical and procedural guidance to engineering and operations staff to ensure secure system design, operation and automation tooling. • Prepare for and support government cybersecurity audits by staying current on all evolving DoD policies, including DFARS, CMMC, and NIST guidance. • Executed end-to-end incident response (IR) for cyber events, from initial detection and containment to eradication and recovery.

🎯 Requirements

• 7+ years of experience with DoD RMF processes • Prior experience as an ISSM/ISSO • Deep understanding of NIST SP 800-53 and cybersecurity control implementation • Experience managing eMASS entries and ATO packages • Strong technical writing and documentation skills • Strong understanding of the DoD Zero Trust Strategy, with the ability to operationalize the pillars of Identity, Devices, Networks, Applications, and Data • Must be a U.S. Citizen and able to obtain a DoD NIPR network account and Common Access Card (CAC) • Must be able to obtain DoD 8570/8140 IAT Level II certification (e.g., CompTIA Security+ CE) within 6 months of hire • Must have, or be able to obtain, a Secret Clearance.

🏖️ Benefits

• Equity • Medical, Life, Short-Term Disability, and AD&D insurance • Medical travel coverage • Dental coverage • Vision coverage • 401k matching