i4DM Logo

i4DM

Senior RMF & ATO Engineer

Posted 2 Days Ago
Be an Early Applicant
Remote
Hiring Remotely in USA
Senior level
Remote
Hiring Remotely in USA
Senior level
Lead implementation and maintenance of NIST RMF and ATO processes for a VA cloud-native platform. Engineer security controls, automate compliance validation in CI/CD, support secure cloud deployments, manage continuous monitoring and vulnerability remediation, produce authorization artifacts, assist incident response, and mentor junior engineers.
The summary above was generated by AI
Description

About Our Team 

Our employees thrive in a culture that's fast-paced and ego-free, where innovation and collaboration are encouraged at every turn. We are an organization that provides federal agencies instant access to experienced and talented professionals who understand their unique challenges and know the most efficient ways to address them. We are continually investing in resources and talent, so we stay prepared with specialized teams in place who are experts in creating tailored technologies. Our solutions empower Federal organizations to grow, modernize, and succeed in a rapidly evolving landscape.  

We value all voices and want to attract talent from all backgrounds. We're on the lookout for individuals who are passionate about technology and thrive in environments where problem-solving is approached with creativity and enthusiasm. If you're someone who enjoys continuously expanding your skill set while tackling real-world business problems, you'll feel right at home with us. Veterans and military spouses are especially encouraged to bring your unique and valuable experience to our team. 


About the Role 

We are seeking an experienced Senior RMF & ATO Security Engineer to serve as the technical cybersecurity lead responsible for implementing and maintaining Risk Management Framework (RMF), Authorization to Operate (ATO), and continuous monitoring activities supporting a mission-critical cloud-native platform within the Department of Veterans Affairs (VA). 

This is a hands-on engineering role that partners closely with Cloud Engineers, DevSecOps Engineers, Site Reliability Engineers, Solution Architects, and Government cybersecurity stakeholders to integrate security throughout the system lifecycle. The Senior RMF & ATO Security Engineer will engineer security controls, automate compliance validation, support secure cloud deployments, and ensure continuous authorization through effective implementation of Federal cybersecurity requirements. 


RESPONSIBILITIES 

  • Implement security controls required throughout the NIST RMF lifecycle. 
  • Engineer technical solutions supporting Categorize, Select, Implement, Assess, Authorize, and Monitor activities. 
  • Develop and maintain SSPs, POA&Ms, Security Assessment Reports, contingency plans, and authorization artifacts. 
  • Implement continuous monitoring processes, vulnerability management, and compliance reporting. 
  • Integrate SAST, DAST, container scanning, IaC validation, and other security automation into CI/CD pipelines. 
  • Collaborate with Cloud, DevSecOps, SRE, and software engineering teams to implement secure cloud-native architectures. 
  • Review AWS and Kubernetes environments for compliance with NIST SP 800-53 and VA security requirements. 
  • Participate in incident response, root cause analysis, and corrective action implementation. 
  • Support security audits, assessments, and ATO renewals by producing technical evidence and documentation. 
  • Mentor junior engineers on RMF implementation and cloud security best practices. 

TAG: #LI-I4DM

TAG: INDMJC

Requirements

QUALIFICATIONS 

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field. 
  • 7+ years supporting RMF, ATO, cybersecurity engineering, or cloud security in Federal environments. 
  • Strong knowledge of NIST SP 800-53, RMF, FISMA, HIPAA, and VA cybersecurity requirements. 
  • Experience with AWS, Kubernetes, Docker, Terraform, and CI/CD security integration. 
  • Experience with vulnerability management, POA&M tracking, and continuous monitoring. 
  • CISSP, CISM, or equivalent certification. 
  • Eligible to obtain and maintain a Public Trust clearance. 

PREFERRED QUALIFICATIONS 

  • AWS GovCloud experience. 
  • Experience with eMASS, SNOWCAM, Nessus, Security Hub, GuardDuty, Vault, Prometheus, Grafana, ELK, or Splunk. 
  • Experience securing healthcare platforms handling PHI. 
  • Experience supporting Kafka/MSK and event-driven architectures. 
  • teams. 
  • Identify and mitigate risks related to deployment, security, and system availability. 

Similar Jobs

5 Hours Ago
Remote or Hybrid
USA
55K-142K Annually
Mid level
55K-142K Annually
Mid level
Machine Learning • Payments • Security • Software • Financial Services
The Incident & Problem Consultant manages high-impact IT incidents, coordinates response teams, monitors events, and drives issue resolution, ensuring effective communication throughout.
Top Skills: ItilMicrosoft Teams
5 Hours Ago
Remote or Hybrid
USA
38K-88K Annually
Mid level
38K-88K Annually
Mid level
Machine Learning • Payments • Security • Software • Financial Services
Provide high-volume, phone-based technical support and real-time troubleshooting for hardware, software, network, and access issues. Create and manage incidents in ServiceNow or similar ITSM tools, escalate complex problems, collaborate with internal teams, and recommend process improvements while maintaining security, data privacy, and excellent customer service in a remote workspace.
Top Skills: Call Center TechnologiesHardwareHelp DeskItsmNetworkingRemote Support ToolsServicenowSoftwareTicketing Systems
7 Hours Ago
Remote or Hybrid
166K-290K Annually
Senior level
166K-290K Annually
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Lead product marketing for ServiceNow's telecommunications portfolio: craft messaging, drive releases and sales enablement, support deals with positioning and competitive insight, and embed AI-first workflows for scalable content and research.
Top Skills: Ai ToolsBssOssServicenow

What you need to know about the Seattle Tech Scene

Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.

Key Facts About Seattle Tech

  • Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Amazon, Microsoft, Meta, Google
  • Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Madrona, Fuse, Tola, Maveron
  • Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account