Senior Cybersecurity Engineer - Compliance & Risk ManagementHuman Resources Research Organization • Alexandria, VA, US
Senior Cybersecurity Engineer - Compliance & Risk Management
Human Resources Research Organization • Alexandria, VA, US
[job_card.30_days_ago]
[job_preview.job_type]
- [job_card.full_time]
[job_card.job_description]US Citizen with ability to obtain / maintain security clearance Work on-site at Alexandria VA (Up to 2 remote days possible after 90-day introductory period) Bachelor's degree in Cybersecurity, Computer Science, or equivalent field. Work experience may be considered in lieu of degree 7+ years of cybersecurity engineering and compliance experience 5+ years of enterprise experience managing Risk and Compliance efforts including multiple regulatory and standard security frameworks Existing Security+ certification or the ability to obtain within 6 months (CISSP, CCSP, or CISM preferred) Deep expertise in NIST 800-171, 800-53, RMF, and DoD compliance frameworks Hands-on experience with CMMC and FedRAMP authorization processes Proficiency in Office 365 security configuration and management Experience with vulnerability scanning tools (e.g. ACAS, Nessus, Rapid7, Qualys or equivalent) Strong analytical and information gathering skills with ability to work multiple tasks simultaneously under short deadlines Excellent communication skills for stakeholder engagement Active DoD clearance Experience in the nonprofit sector managing IT or related activities CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA) Experience with FedRAMP 3PAO assessments Knowledge of Supply Chain Risk Management (SCRM) frameworks AWS certifications (Solutions Architect, Security Specialty preferred) Experience with DevSecOps pipeline integration and IAC CISSP, CCSP, CISM, or CISSP-ISSAP certifications Knowledge of DoD STIG implementation and automated compliance tools Federal contracting and audit experience Experience with Atlassian suite (Jira, Confluence) Experience with eMASS package development and continuous monitoring activities Experience with STIG implementation and SCAP compliance validation Experience with bi-annual COOP testing and crisis management plan development Leadership experience managing technical teams People Management Experience is a plus Health, dental and vision insurance Life insurance equal to 2x annual salary Retirement plan with company matching Paid professional development and certification maintenance Tuition reimbursement 12 weeks of paid parental leave Generous paid time off and 10 paid holidays
Job Description
Job Description
Senior Cybersecurity Engineer - Compliance & Risk Management
The Human Resources Research Organization (HumRRO) is a non-profit leader in developing high-impact services and products in the arenas of employment, military, student testing, and professional credentialing and licensure. We work with federal and state government agencies, private sector organizations, and professional associations.
About the Organization
As a non-profit, HumRRO is dedicated to work that contributes to science and society. Our employees enjoy a highly collaborative and supportive environment that fosters innovation, ethical practice, and outstanding customer service. Our core operational staff includes Industrial-Organizational Psychologists, Educational Researchers, and Behavioral Science Consultants.
About the Job
We are seeking a Senior Cybersecurity Engineer to lead our enterprise compliance and security programs across federal, state, and private sector engagements. This role manages multiple compliance frameworks including CMMC, FedRAMP, SCRM, NIST 800-171 / 53, and ISO 27001 : 2022 regulatory requirements. You will work on compliance standards across hybrid cloud environments while leading a team of junior engineers conducting vulnerability assessments and security scanning operations. A significant portion of this role involves creating security documentation, developing compliance policies, responding to time-critical security requirements from clients, and managing third-party compliance audits.
As a Senior Cybersecurity Engineer, you will :
- Lead enterprise cybersecurity compliance programs (CMMC, FedRAMP, SCRM, NIST frameworks, ISO 27001 : 2022)
- Manage monthly compliance reporting and KPI dashboards for executive leadership
- Coordinate third-party compliance audits (NIST 800-171, CMMC, ISO 27001, FedRAMP) and remediation activities
- Maintain compliance evidence catalogs and SaaS compliance implementation controls
- Evaluate and implement security controls across software applications and cloud platforms AWS, Azure, and Office 365
- Oversee Risk Management Framework (RMF) processes for government contract organizations as well as applications in the DoD space (ATO / IATT / IATO documentation)
- Conduct weekly Plan of Action and Milestone (POA&M) reviews and monthly security assessments
- Develop and maintain security policies, procedures, and technical standards
- Lead vulnerability management programs & conduct security assessments and penetration testing coordination
- Manage business continuity of operations (COOP) program including disaster recovery and crisis management plans
- Lead incident response and security event investigation
- Mentor and manage junior cybersecurity engineers and analysts
- Interface with federal agencies, auditors, and compliance assessors
- Work with system architects for security requirements on existing cloud workloads, cloud migrations and / or hybrid environments
- Facilitate and oversee completion of all customers' cyber security questionnaires and qualifications with time-critical deadlines
- Coordinate with HumRRO Contracts Division on written responses to RFPs regarding IT security, controls, data privacy and regulatory compliance
- Assist with implementation and administration of cybersecurity supply chain risk management (C-SCRM) program
- Develop compliance documentation and security narratives for proposals
- Support business development with technical security expertise
- Serve as subject matter expert on internal security controls and regulations
Minimum Requirements :
Preferred :
The anticipated salary for this role is $100,000 to $155,000. Specific salary offers are based on candidate qualifications and experience.
Benefits :
All qualified applications will receive consideration without regard to race, color, religion, sex, national origin, age, marital status, sexual orientation, veteran status, medical condition, or disability. EEO / Vet / Disabled.
Named one of "50 Great Places to Work" by Washingtonian magazine and one of "Top Workplaces" by The Washington Post.
[job_alerts.create_a_job]
Cybersecurity Engineer • Alexandria, VA, US
[internal_linking.similar_jobs]
Assured Compliance Assessment Solution Cybersecurity Engineer.Join Booz Allen Hamilton as an.Assured Compliance Assessment Solution (ACAS) Cybersecurity Systems Engineer.
In this role you will deplo...[show_more]
Spear AI is a growing defense contracting company dedicated to delivering cutting-edge solutions that support our nation's security.
As we expand, we're building a culture where innovation m...[show_more]
Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets.We leverage more tha...[show_more]
Contract Task Lead / Cybersecurity Lead.Navy customer at Dahlgren NSWC, VA.Develop cybersecurity requirements, policy standards, best practices, guidance, and procedures for combat systems.Conduct ...[show_more]
Our client is seeking a Chief Cybersecurity Engineer to join their team! This position is located in Bethesda, Maryland.Serve as the principal cybersecurity engineer for enterprise systems, focusin...[show_more]
The Cybersecurity Lead is responsible for overseeing the design, implementation, and management of an organization’s cybersecurity strategy and infrastructure.
This role involves leading a tea...[show_more]
A consulting firm in Washington, D.Cyber Security Engineer SME – Associate Director to lead major cybersecurity tasks across networks.
The ideal candidate has extensive experience in cybersecurity e...[show_more]
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry.
We deliver tailored solutions, tested leadershi...[show_more]
Bachelor's degree (Master's Preferred) in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent;.Individual ...[show_more]
On our expert team, you\'ll perform work focused on implementing and operating next generation security solutions for government and commercial clients.
You\'ll perform hands-on evaluation, implemen...[show_more]
Do you want to contribute your technical expertise to U.Nation from highly capable and motivated nation-state adversaries?.
Would you enjoy shaping and conducting a varied portfolio of activities, s...[show_more]
DevSecOps platform for a DoD customer.The successful candidate will support accreditation activities to maintain Authority-to-Operate for on-prem networks and services, analyze security posture of ...[show_more]
Internetworks Consulting Services (ICS) is currently hiring for a Lead Cybersecurity Engineer with Linux and Cloud Integration to join our Federal Strategic Cyber Programs.Rosslyn, VA & Beltsvi...[show_more]
ARES is hiring a senior cybersecurity engineer to support a critical Department of Defense cybersecurity program.The ideal candidate will have demonstrated experience supporting system security ass...[show_more]
An E-Learning and Analytics software company that straddles both federal and commercial sectors is hiring for a Senior Cybersecurity Engineer specializing in Risk Management Framework.Their platfor...[show_more]
This is a hybrid position requiring 3 days on-site and 2 days remote.Reviewing testing and validation to ensure system functionality and compliance with security standards.Developing technical docu...[show_more]
Cybersecurity Engineer role at SAIC in Washington, DC.This position is full-time with day shift responsibilities and requires TS / SCI with polygraph clearance.
Design, implement, and maintain cyberse...[show_more]
Business Technology Integrators (BTI), A Service -Disable Veteran Owned Small Business with over 25 years of experience delivering innovative IT Solutions to the Federal Government, is seeking a&nb...[show_more]
Assured Compliance Assessment Solution Cybersecurity Engineer
Booz Allen Hamilton • Washington, DC, United States
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Cybersecurity Engineer - Senior
Spear AI • Giesboro, DC, US
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Senior Cybersecurity Specialist
Barbaricum • Fort Belvoir, VA, US
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Senior Cybersecurity Engineer
RPI Group Inc • Dahlgren, VA, US
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Chief Cybersecurity Engineer
KellyMitchell Group • Bethesda, MD, United States
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Cybersecurity Lead
Anadria Consulting • Washington, DC, US
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Senior Cyber Security Engineer SME — Associate Director
Guidehouse • Washington, DC, United States
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Senior Cybersecurity Specialist
SOSi • Fort Belvoir, VA, US
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Cybersecurity Engineer-DARPA, TS / SCI
Blue Sky Innovators • Arlington, VA, US
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Forescout Cybersecurity Engineer
Phase2 Technology • Washington, DC, United States
[job_card.full_time] +1
[last_updated.last_updated_variable_days] • [promoted]
Cybersecurity Engineer
The Johns Hopkins University Applied Physics Laboratory • Laurel, MD, United States
[job_card.temporary]
[last_updated.last_updated_variable_days] • [promoted]
Mid-Level Cybersecurity Engineer
Dark Wolf Solutions • College Park, MD, US
[job_card.part_time]
[last_updated.last_updated_30] • [promoted]
Lead Cybersecurity Engineer (Linux & Cloud)
AGR LLC • Beltsville, MD, US
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Senior Cybersecurity Engineer
ARES Corporation • Dahlgren, VA, US
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Senior Cybersecurity Engineer (RMF)
Stem IT • Alexandria, VA, United States
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Senior Cybersecurity Engineer
MANTECH • Washington, DC, United States
[job_card.full_time]
[last_updated.last_updated_variable_days] • [promoted]
Cybersecurity Engineer
SAIC • Washington, DC, United States
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]
Sr. Cybersecurity Engineer - US Citizen
BTI • Washington, DC, US
[job_card.full_time]
[last_updated.last_updated_30] • [promoted]