Jobgether

Cybersecurity Engineer - Clearance Required

Jobgether · United States · $111K–$200K/yr

Internet Marketplace Platforms · 11-50 employees

13 h ago
Remote Senior (5-10 yrs) Full-time United States
Log in to apply, save this posting, or score it against your profile with AI.

About the role

As a Cybersecurity Engineer, you will own security engineering activities supporting secure deployment, authorization, and continuous compliance of enterprise platforms. You will collaborate with engineering teams and security stakeholders to translate cybersecurity requirements into practical technical solutions.

What they look for

Cybersecurity Engineering Risk Management Framework Cloud Security Vulnerability Management Secure Configurations Continuous Monitoring NIST 800-53 CIS Benchmarks DISA STIGs DevSecOps AWS AI Security Documentation Compliance Automation Container Security

Requirements

The ideal candidate should have strong cybersecurity engineering experience in federal environments and expertise with authorization processes. A bachelor's degree in a related field and 5+ years of relevant experience are required.

Full description

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Cybersecurity Engineer - Clearance Required based in United States.

This role offers the opportunity to secure mission-critical federal technology platforms through hands-on cybersecurity engineering and DevSecOps practices.You will play a key role in maintaining authorization readiness, strengthening security controls, and protecting cloud-based systems in highly regulated environments.The position combines technical execution, compliance expertise, and close collaboration with engineering and security teams.You will work on vulnerability management, cloud security, secure configurations, and continuous monitoring activities that directly impact operational readiness.This is an opportunity to move beyond documentation-focused security work and actively improve the resilience of real-world systems.You will contribute to modern cybersecurity initiatives involving cloud platforms, automation, and emerging AI technologies in federal environments.

\n

Accountabilities: As a Cybersecurity Engineer, you will own security engineering activities supporting secure deployment, authorization, and continuous compliance of enterprise platforms. You will collaborate with engineering teams, security stakeholders, and government partners to translate cybersecurity requirements into practical technical solutions.

  • Lead Risk Management Framework (RMF) activities, including system categorization, control selection, implementation, assessment, and continuous monitoring.
  • Develop, maintain, and manage authorization documentation including System Security Plans (SSP), Security Assessment Plans (SAP), Security Assessment Reports (SAR), Plans of Action and Milestones (POA&M), and supporting artifacts.
  • Coordinate with Information Systems Security Officers (ISSOs), Authorizing Officials, and cybersecurity stakeholders to support authorization and compliance activities.
  • Interpret NIST 800-53 controls and translate security requirements into actionable engineering tasks.
  • Conduct vulnerability assessments across CI/CD pipelines and production environments, analyze findings, and coordinate remediation efforts.
  • Validate security configurations and hardening standards such as CIS Benchmarks and DISA STIGs across containers, hosts, and cloud resources.
  • Support cloud and container security initiatives, including AWS GovCloud security controls, identity management, network protections, secrets management, logging, and runtime security.
  • Develop and maintain cybersecurity policies, procedures, and operational documentation.
  • Track security findings, remediation activities, audit requirements, and compliance milestones through completion.
  • Support FedRAMP-aligned security implementations and control inheritance activities.
  • Provide guidance to leadership on system risks, security posture, control effectiveness, and emerging cybersecurity considerations.
  • Advise teams on securing AI-enabled systems, including risks related to LLMs, generative AI, data handling, and model outputs.

Requirements:

The ideal candidate brings strong cybersecurity engineering experience in federal environments, expertise with authorization processes, and the ability to bridge security compliance requirements with real-world engineering solutions.

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related technical field.
  • 5+ years of experience designing, implementing, and monitoring cybersecurity solutions in federal or highly regulated environments.
  • 5+ years of hands-on Risk Management Framework (RMF) experience, including Authorization to Operate (ATO) development and continuous monitoring aligned with NIST 800-53.
  • CISSP, CISM, or equivalent senior-level cybersecurity certification.
  • Strong knowledge of cloud security principles, particularly AWS, including experience with GovCloud or similar high-compliance environments.
  • Experience managing vulnerability workflows, including scanning, assessment, remediation tracking, and reporting.
  • Experience implementing secure system configurations using standards such as CIS Benchmarks and DISA STIGs.
  • Familiarity with secure software development practices, including secrets management, access controls, auditability, and CI/CD security.
  • Strong written communication skills with experience producing security documentation suitable for assessor and authorization reviews.
  • Ability to translate compliance requirements into technical engineering solutions and collaborate effectively with developers.
  • Experience securing AI, LLM, generative AI, or agentic AI systems is a plus.

Preferred qualifications include:

  • Experience supporting Authorization to Operate (ATO) or continuous authorization processes for DHS or similar federal systems.
  • Knowledge of DHS cybersecurity policies, including DHS 4300A requirements.
  • FedRAMP readiness or assessment experience.
  • Hands-on container and Kubernetes security experience, including image scanning, admission controls, or runtime protection.
  • Experience integrating security tools into DevSecOps workflows and Git-based CI/CD pipelines.
  • Familiarity with vulnerability management platforms such as Tenable.
  • Experience using ATO documentation platforms such as Xacta, OpenRMF, or similar tools.
  • Knowledge of CISA directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) security programs.

Benefits:

  • Competitive salary range of approximately $111,427–$200,000 annually, depending on qualifications, experience, location, contract requirements, and security clearance factors.
  • Full-time salaried position with remote work flexibility.
  • Opportunity to work on high-impact cybersecurity initiatives supporting federal missions.
  • Exposure to modern cloud, DevSecOps, automation, and AI security technologies.
  • Collaborative environment with cybersecurity, engineering, and government stakeholders.
  • Opportunities to contribute to mission-critical technology platforms.
  • Equal opportunity workplace committed to fair and inclusive employment practices.

\nHow Jobgether works:

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1