Cybervance, Inc.

Security Policy and Compliance Manager

full-time

Location Type: Office

Location: Washington, D.C. • Washington • 🇺🇸 United States

Job Level

Mid-Level, Senior

Tech Stack

Cyber Security

About the role

  • Develop, maintain, and manage security documentation required for the Authorization and Accreditation (A&A) package, including System Security Plans (SSPs), Contingency Plans (CPs), and Security Assessment Reports (SARs).
  • Provide oversight and development of Plans of Action and Milestones (POA&Ms) and ensure timely remediation of identified risks.
  • Lead and perform all continuous monitoring activities, ensuring security controls remain effective and compliant with federal regulations.
  • Conduct and document risk assessments based on NIST standards, ensuring that system design and implementation sufficiently mitigate Information Assurance (IA) risks.
  • Implement, assess, and validate NIST SP 800-53A security controls for federal agencies, ensuring systems achieve and maintain compliance.
  • Apply advanced risk management techniques to identify vulnerabilities and provide recommendations for mitigation strategies.
  • Collaborate with technical teams to integrate security into system development life cycles and operational processes.
  • Utilize data analysis, data mining, and business intelligence techniques to correlate data from disparate sources, identify trends, and create informative risk/compliance dashboards and visualizations.
  • Provide guidance on security policy, compliance requirements, and audit readiness to technical and business stakeholders.
  • Stay current with evolving federal security requirements, emerging technologies, and industry best practices to maintain a compliance posture.

Requirements

  • At least 5 years of hands-on experience developing A&A documentation (SSP, CP, SAR) and overseeing POA&Ms, with continuous monitoring responsibilities performed within the last three years.
  • CISSP certification required.
  • Minimum of 5 years’ experience implementing NIST 800-53A security controls in federal environments.
  • Strong expertise in applying risk management frameworks and conducting risk assessments in accordance with NIST standards.
  • 1+ years of experience working with data structures, data mining, and business intelligence, including correlating disparate data sources and creating data-driven visualizations.
  • Strong understanding of federal security and compliance requirements (e.g., NIST RMF, FISMA, FedRAMP).
  • Excellent written and verbal communication skills.
  • Strong analytical and problem-solving skills with attention to detail.
  • Ability to collaborate effectively across technical, compliance, and executive teams.
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
  • Public Trust clearance required.
  • Additional certifications such as CISM, CISA, CAP, or Security+ are desirable.
