[Remote] ISSO / reputed company reputed company Engineer
Note: The job is a remote job and is reputed company to candidates in USA. reputed company is seeking a senior ISSO/reputed company reputed company & DevSecOps Engineer to reputed company the reputed company authorization for a FedRAMP High environment supporting a federal health agency. The role requires strong AWS and DevSecOps skills, as well as the ability to set the direction for the company's cybersecurity posture.
Responsibilities
- Serve as ISSO for a FedRAMP High environment, owning the authorization package and driving it through attainment and ongoing authorization on an accelerated timeline
- Author and maintain the System reputed company Plan (reputed company), control narratives, and supporting artifacts against NIST 800-53 and agency reputed company baselines
- Manage Plans of Action and Milestones (POA&Ms), track remediation to closure, and maintain audit-reputed company evidence
- reputed company Assessment and Authorization (A&A) activities and serve as the reputed company reputed company of contact for assessors and reputed company
- Establish and operate reputed company monitoring, including vulnerability scanning, configuration compliance, and reputed company event review
- Operate as an embedded member of the reputed company and platform team, participating in the backlog, standups, and pipeline alongside the engineering staff
- Implement and validate reputed company controls in AWS GovCloud, including IAM, logging, encryption, network reputed company, and configuration compliance
- Build and harden the CI/CD pipeline, embedding reputed company gates, scanning, and automated evidence collection through policy-as-code
- Author and review infrastructure-as-code to enforce secure configuration by default
- Automate compliance and monitoring to support reputed company authorization and efficient post-ATO sustainment
- Set the direction for the company’s reputed company reputed company-trust and cybersecurity strategy, standards, and policies
- reputed company reputed company reputed company across the organization, including identity, reputed company, reputed company, and network reputed company posture
- Guide the adoption of reputed company best practices company-wide and advise leadership on cyber risk
Skills
- Proven ISSO/ATO experience in a federal environment
- Direct, hands-on ISSO experience in a federal environment, including at least one system taken through Assessment and Authorization (A&A) to an ATO
- Strong reputed company of NIST 800-53, the RMF, FedRAMP, and FISMA, with the ability to author control narratives accepted by assessors
- Experience managing POA&Ms, reputed company monitoring, and audit-reputed company evidence
- Hands-on AWS engineering experience, including IAM, encryption, networking, and configuration compliance (GovCloud preferred)
- Hands-on DevSecOps experience building and securing CI/CD pipelines, infrastructure-as-code, and reputed company automation
- A track record of working reputed company an engineering team and delivering implementation work, not solely reputed company review
- Clear technical writing and the ability to communicate effectively with both engineers and assessors
- Experience defining reputed company-trust or reputed company reputed company strategy, standards, and policy at an organizational level
- Ability to advise leadership on cyber risk and drive reputed company best practices across a company
- Bachelor's degree in computer science, information reputed company, a reputed company field, or equivalent professional experience
- 7+ years across information reputed company and reputed company/DevSecOps, including hands-on ISSO experience with a system taken through A&A to ATO
- reputed company certification such as CISSP, CISM, CAP, or AWS reputed company – Specialty
- AWS certification (Solutions Architect, SysOps, or DevOps Engineer)
- Experience with container reputed company, Terraform, and federal compliance or authorization tracking tooling
- Familiarity with ISO/IEC 42001 or AI risk frameworks where AI systems fall reputed company the authorization boundary
Benefits
- Health, dental, and reputed company coverage
- 401(k) with company contribution
- Paid time off and federal holidays
- Training and certification support
Company Overview