Sr. Cybersecurity Engineer

I

IMAGINEEER LLC

Sr. Cybersecurity Engineer

Arlington, VA
Full Time
Paid
  • Responsibilities

    Benefits:

    401(k)

    Dental insurance

    Health insurance

    Paid time off

    Vision insurance

    Job title: Cybersecurity Engineer

    Level: Sr.

    Location / Work type: Remote/Full-Time

    Clearance: Must be able to get a Public Trust

    About the Company:

    Imagineeer is leading the charge in data transformation, impacting sectors from healthcare to government operations, green energy, supply chain, and sports. Leveraging cutting-edge technologies like AI, post-quantum security, and blockchain, we empower decision-makers and fortify data security. We specialize in federal agency modernization; we collaborate closely to transform operational ecosystems, addressing unique challenges with acquisition support and stakeholder communication. Imagine Lab, our digital think tank, explores innovation through employee engagement and machine-generated insights. If you're passionate about reimagining operations and empowering organizations to evolve proactively, join us in shaping the future.

    About this Role:

    We are seeking a highly skilled Senior Cybersecurity Engineer (A&A) to support our federal government client. This role focuses on Assessment & Authorization (A&A) processes, ensuring systems maintain compliance with federal cybersecurity standards. The ideal candidate will possess in-depth experience with the NIST Risk Management Framework (RMF), FISMA, and other federal security compliance requirements.

    This is a remote position; however, candidates must be able to obtain a Public Trust clearance.

    Key Responsibilities:

    Lead and manage the full lifecycle of Assessment & Authorization (A&A) for complex federal information systems

    Design, implement, and maintain secure system architectures

    Deploy and manage security tools and technologies to protect systems

    Troubleshoot and resolve cybersecurity issues

    Develop and maintain comprehensive security authorization packages

    Conduct detailed risk assessments and security control assessments (SCA)

    Develop, review, and update System Security Plans (SSP)

    Create and manage Plans of Action and Milestones (POA&M) for identified risks and vulnerabilities

    Perform security impact analyses for system changes

    Guide technical teams on the implementation and maintenance of security controls

    Collaborate closely with system owners, stakeholders, and security teams to maintain security compliance

    Provide subject matter expertise on federal security requirements, controls, and risk management

    Support continuous monitoring programs to maintain ongoing system authorization

    Prepare and maintain documentation required for security authorizations and reauthorizations

    Lead vulnerability assessments and coordinate remediation efforts

    Assist in developing and updating security policies, standards, and procedures

    Interface with Authorizing Officials (AOs) and their representative

    Qualifications and Skills:

    Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field

    8+ years of cybersecurity experience, with a strong focus on A&A and federal compliance processes

    Active security certification: Security+, CISSP, or equivalent

    Ability to obtain and maintain a Public Trust clearance

    Deep knowledge of NIST Risk Management Framework (RMF) and FISMA compliance

    Expertise in NIST 800-53 security controls and implementation

    Proven experience with security control assessments, risk assessments, and vulnerability management

    Proficient in developing key cybersecurity documents: SSP, POA&M, Security Assessment Reports (SAR), and others

    Strong understanding of network, system, and cloud security architectures

    Familiarity with security assessment and authorization tools (e.g., eMASS, Xacta, Archer)

    Excellent technical writing and documentation skills

    Solid analytical, problem-solving, and project management capabilities

    Experience with vulnerability scanning and analysis tools (e.g., Nessus, Qualys, OpenVAS)

    Ability to communicate effectively with technical and non-technical stakeholders.

    Desired Skills and Competencies:

    Advanced cybersecurity certifications such as CISSP, CAP, CISM, CISA

    Experience with FedRAMP cloud security authorizations

    Knowledge of CMMC compliance frameworks

    Understanding of DevSecOps practices and secure SDLC

    Familiarity with agile development methodologies

    Experience with continuous monitoring programs and automated compliance tools

    Security architecture development experience for both on-prem and cloud systems

    Knowledge of privacy controls and data protection requirements

    Experience with security orchestration, automation, and response (SOAR) tools

    Prior experience supporting federal government contracts, including classified and unclassified systems

    Additional Information:

    This is a remote role, but occasional virtual meetings and collaboration with teams based in Alexandria, VA may be required.

    Must be a U.S. Citizen capable of obtaining a Public Trust clearance.

    This is a remote position.