Mid-Level Cybersecurity Engineer

IMAGINEEER LLC


Arlington, VA
Full Time
Paid
  • Responsibilities

    Benefits:

    Vision insurance

    401(k)

    Dental insurance

    Health insurance

    Paid time off

    Job title: Cybersecurity Engineer

    Level: Mid-Level

    Location / Work type: Remote/Full-Time

    Clearance: Must be able to get a Public Trust

    About the Company:

    Imagineeer is leading the charge in data transformation, impacting sectors from healthcare to government operations, green energy, supply chain, and sports. Leveraging cutting-edge technologies like AI, post-quantum security, and blockchain, we empower decision-makers and fortify data security. We specialize in federal agency modernization; we collaborate closely to transform operational ecosystems, addressing unique challenges with acquisition support and stakeholder communication. Imagine Lab, our digital think tank, explores innovation through employee engagement and machine-generated insights. If you're passionate about reimagining operations and empowering organizations to evolve proactively, join us in shaping the future.

    About this Role:

    We are seeking a motivated Mid-Level Assessment & Authorization (A&A) Cybersecurity Engineer to support the security compliance and authorization processes for our federal government clients. This role offers an excellent opportunity for a cybersecurity professional with a solid foundation in NIST Risk Management Framework (RMF) and FISMA to grow into a senior-level role.

    The ideal candidate will have hands-on experience in supporting cybersecurity compliance activities and a strong desire to advance their career in federal cybersecurity.

    Key Responsibilities:

    Assist in the development and maintenance of security authorization packages

    Support the execution of security control assessments (SCA) and prepare associated documentation

    Help develop and maintain System Security Plans (SSPs)

    Track and manage Plans of Action and Milestones (POA&M) to ensure timely remediation of findings

    Participate in security impact analyses for system changes and updates

    Support the implementation of security controls and assist with technical remediation efforts

    Assist in conducting vulnerability assessments and documenting results

    Maintain and update authorization documentation to support ATO (Authorization to Operate) and reauthorization efforts

    Support continuous monitoring (ConMon) activities to ensure ongoing compliance

    Collaborate closely with system owners, security teams, and stakeholders to support cybersecurity requirements

    Assist in the development of security policies, procedures, and standard operating procedures (SOPs)

    Contribute to the preparation of Security Assessment Reports (SARs) and other compliance artifacts

    Participate in security working groups, meetings, and briefings as needed

    Qualifications and Skills:

    Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field

    4+ years of cybersecurity experience, with a focus on Assessment & Authorization (A&A) processes

    2+ years of direct experience working with NIST RMF and FISMA compliance requirements

    Active Security+ certification (or equivalent such as SSCP, GSEC)

    Ability to obtain and maintain a Public Trust clearance

    Strong knowledge of the NIST Risk Management Framework (RMF) and FISMA requirements

    Familiarity with NIST 800-53 and related security control catalogs

    Understanding of security control assessments and the A&A process lifecycle

    Ability to develop, maintain, and review security documentation including SSPs, POA&Ms, and SARs

    Familiarity with security assessment and compliance tools (e.g., eMASS, Xacta, Archer)

    Knowledge of common security tools and technologies (e.g., vulnerability scanners like Nessus, Qualys)

    Basic skills in risk assessment and security analysis

    Strong technical writing and documentation skills

    Excellent attention to detail and commitment to producing high-quality work

    Good communication skills, both verbal and written

    Ability to work both independently and as part of a team in a collaborative environment

    Desired Skills and Competencies:

    Additional certifications such as CASP+, CISSP (Associate), CAP, CEH

    Experience supporting classified systems or sensitive federal systems

    Knowledge of Cloud Security principles and familiarity with FedRAMP compliance

    Exposure to DevSecOps concepts, automated compliance, and security pipelines

    Familiarity with the Cybersecurity Maturity Model Certification (CMMC) framework

    Experience with continuous monitoring tools and techniques

    Basic understanding of security architecture principles

    Awareness of privacy requirements and associated controls

    Experience with documentation management systems (e.g., SharePoint, Confluence)

    Familiarity with agile development methodologies

    Prior experience working in or supporting federal government contracts

    Understanding of security testing methodologies, vulnerability scanning, and mitigation processes

    Additional Information:

    This is a remote position, with periodic virtual collaboration required.

    Must be a U.S. Citizen capable of obtaining a Public Trust clearance.
