Senior Security Engineer (NMMES)

Job Title: Senior Security Engineer (NMMES) Job Code: 16421521 Job Location: Norfolk, Virginia IMAGINE ONE is now seeking a Senior Security Engineer.
The Senior Security Engineer must be passionate about IT and cloud security and thrive on problem-solving and risk analysis in a dynamic environment.
You will provide cybersecurity ATO support for our Navy client throughout all steps of the Risk Management Framework (RMF) and will serve as the RMF Subject Matter Expert for your projects.
The Cybersecurity team is responsible for identifying, assessing, and managing threats, vulnerabilities, and associated risks to client’s information systems.
The team is also responsible for managing and maintaining accreditation efforts for client’s information systems, including PIT, ATO, CAR, HRR, and Assess Only packages.
Work for the Navy is associated with the development, fielding and support of a large family of shore-based maintenance applications.
Work will be performed on-site in Norfolk, Virginia.
What You’ll Do as Senior Security Engineer: Manage assigned ATO efforts from end to end throughout the RMF lifecycle Develop POA&Ms and maintain up-to-date status Categorize systems based on business and compliance requirements Select appropriate levels of security controls and test for fit and function Assess evidence, such as STIGs and ACAS scans, provided by capabilities for proof of compliance Develop and maintain standard operating procedures, training documents, technical documentation, and troubleshooting guidelines for security solutions Track and report on ATO efforts, including vulnerability management status, to various levels of Navy and Internal leadership Provide analysis of Information Security vulnerabilities and work with appropriate teams for remediation and mitigation Work with Navy Qualified Validators and the Functional Authorizing Authority to address any conditions or stipulations pertaining to assigned ATO packages Basic Qualifications for Senior Security Engineer: Five plus years of experience working with DOD clients on Cybersecurity and enterprise scale RMF projects using industry standard guidance, such as NIST and/or ISO 27001.
Equivalent experience with standard tools, such as NESSUS and eMASS Four plus years of experience as a key contributor to ATO delivery, including security control implementation and evaluation, evidence review, as well as risk mitigation and remediation, preferably in a DOD or DON environment Two plus years of experience with AWS, Azure, or other cloud technologies Preferred Qualifications for Senior Security Engineer: Five plus years of experience working with security engineering products, including use cases, workflow diagrams, and vulnerability management, including CVSS scoring proficiency Three plus years of experience with managing organizational responsibilities and priorities as a A&A project manager Educational Requirements for Senior Security Engineer: Master’s degree in information technology, cybersecurity, or a related field Certifications in good standing, i.
e.
: CISSP, CCSP, GIAC, AWS Security, or any additional advanced cybersecurity certification PMP or equivalent project management certification; OR, Bachelor’s degree in information technology, computer science, cybersecurity, or related field Security + certification in good standing AWS Certified Cloud Practitioner (AWS CCP) certification or higher in good standing OR CCP required to be completed within six months from date of hire Security Requirements: US citizenship required Active Secret clearance IMAGINE ONE offers a full package of benefits and competitive salary, excellent group medical, vision and dental programs.
401K savings plan; $4K annual tuition reimbursement ($5K if pursuing Master’s degree); employee training, development and education programs; profit sharing; advancement opportunities; and much more! IMAGINE ONE is an Employee-Owned Company! EEO/AA Employer.
Protected Veterans and individuals with disabilities encouraged to apply.