Senior Cybersecurity Engineer - Compliance & Risk Management
Human Resources Research OrganizationAlexandria, VA, USjob_description.job_card.30_days_ago
serp_jobs.job_preview.job_type
- serp_jobs.job_card.full_time
job_description.job_card.job_descriptionUS Citizen with ability to obtain / maintain security clearance Work on-site at Alexandria VA (Up to 2 remote days possible after probation period) Bachelor's degree in Cybersecurity, Computer Science, or equivalent field. Work experience may be considered in lieu of degree 7+ years of cybersecurity engineering and compliance experience 5+ years of enterprise experience managing Risk and Compliance efforts including multiple regulatory and standard security frameworks Existing Security+ certification or the ability to obtain within 6 months (CISSP, CCSP, or CISM preferred) Deep expertise in NIST 800-171, 800-53, RMF, and DoD compliance frameworks Hands-on experience with CMMC and FedRAMP authorization processes Proficiency in Office 365 security configuration and management Experience with vulnerability scanning tools (e.g. ACAS, Nessus, Rapid7, Qualys or equivalent) Strong analytical and information gathering skills with ability to work multiple tasks simultaneously under short deadlines Excellent communication skills for stakeholder engagement Active DoD clearance Experience in the nonprofit sector managing IT or related activities CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA) Experience with FedRAMP 3PAO assessments Knowledge of Supply Chain Risk Management (SCRM) frameworks AWS certifications (Solutions Architect, Security Specialty preferred) Experience with DevSecOps pipeline integration and IAC CISSP, CCSP, CISM, or CISSP-ISSAP certifications Knowledge of DoD STIG implementation and automated compliance tools Federal contracting and audit experience Experience with Atlassian suite (Jira, Confluence) Experience with eMASS package development and continuous monitoring activities Experience with STIG implementation and SCAP compliance validation Experience with bi-annual COOP testing and crisis management plan development Leadership experience managing technical teams People Management Experience is a plus Health, dental and vision insurance Life insurance equal to 2x annual salary Retirement plan with company matching Paid professional development and certification maintenance Tuition reimbursement 12 weeks of paid parental leave Generous paid time off and 10 paid holidays
Job Description
Job Description
Senior Cybersecurity Engineer - Compliance & Risk Management
The Human Resources Research Organization (HumRRO) is a non-profit leader in developing high-impact services and products in the arenas of employment, military, student testing, and professional credentialing and licensure. We work with federal and state government agencies, private sector organizations, and professional associations.
About the Organization
As a non-profit, HumRRO is dedicated to work that contributes to science and society. Our employees enjoy a highly collaborative and supportive environment that fosters innovation, ethical practice, and outstanding customer service. Our core operational staff includes Industrial-Organizational Psychologists, Educational Researchers, and Behavioral Science Consultants. We are committed to supporting a diverse workforce and to practicing equity and inclusion for all staff.
About the Job
We are seeking a Senior Cybersecurity Engineer to lead our enterprise compliance and security programs across federal, state, and private sector engagements. This role manages multiple compliance frameworks including CMMC, FedRAMP, SCRM, NIST 800-171 / 53, and ISO 27001 : 2022 regulatory requirements. You will work on compliance standards across hybrid cloud environments while leading a team of junior engineers conducting vulnerability assessments and security scanning operations. A significant portion of this role involves creating security documentation, developing compliance policies, responding to time-critical security requirements from clients, and managing third-party compliance audits.
As a Senior Cybersecurity Engineer, you will :
- Lead enterprise cybersecurity compliance programs (CMMC, FedRAMP, SCRM, NIST frameworks, ISO 27001 : 2022)
- Manage monthly compliance reporting and KPI dashboards for executive leadership
- Coordinate third-party compliance audits (NIST 800-171, CMMC, ISO 27001, FedRAMP) and remediation activities
- Maintain compliance evidence catalogs and SaaS compliance implementation controls
- Evaluate and implement security controls across software applications and cloud platforms AWS, Azure, and Office 365
- Oversee Risk Management Framework (RMF) processes for government contract organizations as well as applications in the DoD space (ATO / IATT / IATO documentation)
- Conduct weekly Plan of Action and Milestone (POA&M) reviews and monthly security assessments
- Develop and maintain security policies, procedures, and technical standards
- Lead vulnerability management programs & conduct security assessments and penetration testing coordination
- Manage business continuity of operations (COOP) program including disaster recovery and crisis management plans
- Lead incident response and security event investigation
- Mentor and manage junior cybersecurity engineers and analysts
- Interface with federal agencies, auditors, and compliance assessors
- Work with system architects for security requirements on existing cloud workloads, cloud migrations and / or hybrid environments
- Facilitate and oversee completion of all customers' cyber security questionnaires and qualifications with time-critical deadlines
- Coordinate with HumRRO Contracts Division on written responses to RFPs regarding IT security, controls, data privacy and regulatory compliance
- Assist with implementation and administration of cybersecurity supply chain risk management (C-SCRM) program
- Develop compliance documentation and security narratives for proposals
- Support business development with technical security expertise
- Serve as subject matter expert on internal security controls and regulations
Minimum Requirements :
Preferred :
The anticipated salary for this role is $100,000 to $155,000. Specific salary offers are based on candidate qualifications and experience.
Benefits :
All qualified applications will receive consideration without regard to race, color, religion, sex, national origin, age, marital status, sexual orientation, veteran status, medical condition, or disability. EEO / Vet / Disabled.
Named one of "50 Great Places to Work" by Washingtonian magazine and one of "Top Workplaces" by The Washington Post.
serp_jobs.job_alerts.create_a_job
Senior Cybersecurity Engineer • Alexandria, VA, US
Job_description.internal_linking.related_jobs
Senior Cybersecurity Engineer - Compliance & Risk Management.The Human Resources Research Organization (HumRRO).We work with federal and state government agencies, private sector organizations,...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
We are seeking an experienced Cybersecurity Systems Engineer to support the design, deployment, and sustainment of advanced security capabilities in secure enterprise environments.The role blends s...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Workforce Classification : • •Hybrid • •Join Our Team : Do Meaningful Work and Improve People’s Lives • •Our purpose, to improve customers’ lives by making healthcare work better, is far from ordinary.Work...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
They will ensure the confidentiality, integrity, and availability of sensitive data systems and architectures.This position is set to be supported in Chantilly, VA.
Key responsibilities include, but...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets.We leverage more tha...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Cyber Infrastructure Engineer to safeguard digital assets and enhance security measures.Key Responsibilities Lead the design and administration of application security systems and cloud-native se...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30 A company is looking for a Cybersecurity Support Engineer III.Key Responsibilities : Lead the design and implementation of secure infrastructure aligned with Zero Trust Architecture principles Co...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_hours 
Contract Task Lead / Cybersecurity Lead.Navy customer at Dahlgren NSWC, VA.Develop cybersecurity requirements, policy standards, best practices, guidance, and procedures for combat systems.Conduct ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
IPTA's Technology Solutions Team is passionate about providing our customers with technical solutions that satisfy their business needs.
Through collaborative interactions with customers, team m...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
KMI) has the leadership and experience to deliver innovative technology, logistics and management solutions to meet real mission requirements.
KMI is a Minority Business Enterprise (MBE) and Small D...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Trident has built a reputation as a trusted provider of aerospace and defense electronics & processing systems including digital RF & Optical command and control solutions and atmospheric &...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Join us in improving and shaping the future of smart mobility with a group of intelligent, motivated, and dedicated individuals! The Leidos Surface Transportation group focuses on improving transpo...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Bachelor's degree (Master's Preferred) in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent;.Individual ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30 A company is looking for a Senior Cloud Security Engineer to join their team.Key Responsibilities Manage enterprise-wide security tools and platforms, including SIEM, DLP, and vulnerability manag...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30 A company is looking for a Cybersecurity Assessment & Authorization (A&A) SME.Key Responsibilities Serve as a DOD cybersecurity SME for information systems undergoing A&A Apply NIST 800-53 secur...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days 
Government Publishing Office (GPO).Must reside within commuting distance of GPO HQ in Washington, D.Public Trust or ability to obtain (higher clearance may be required).
Estimated Period of Performa...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
On our expert team, you\'ll perform work focused on implementing and operating next generation security solutions for government and commercial clients.
You\'ll perform hands-on evaluation, implemen...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days A company is looking for a Senior Cybersecurity Specialist - Red Team - Pentester.Key Responsibilities Maintain secure configurations and operations of IT assets Lead cybersecurity projects and ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Senior Cybersecurity Engineer - Compliance & Risk Management
Human Resources Research OrganizationAlexandria, VA, USAserp_jobs.job_card.full_time
serp_jobs.filters_job_card.quick_apply
- serp_jobs.job_card.promoted
Cybersecurity Systems Engineer - Full Scope Polygraph
PlugFort Meade, MD, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity Threat Response Engineer
PremeraWashington, DC, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Cybersecurity Engineer
Dark Wolf SolutionsChantilly, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Cybersecurity Specialist
BarbaricumFort Belvoir, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Cybersecurity Engineer
VirtualVocationsFairfax, Virginia, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
- serp_jobs.job_card.new
Cybersecurity Support Engineer
VirtualVocationsAlexandria, Virginia, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Cybersecurity Engineer
RPI Group IncDahlgren, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity Engineer
Interactive Process Technology LLCFort Belvoir, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Sr. Cybersecurity Engineer III
Knowledge Management, Inc.McLean, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity Engineer
Trident Systems IncFairfax, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity Architect / Engineer
LeidosMount Rainier, MD, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity Engineer-DARPA, TS / SCI
Blue Sky InnovatorsArlington, VA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Cyber Security Engineer
VirtualVocationsAlexandria, Virginia, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity A&A Subject Matter Expert
VirtualVocationsAlexandria, Virginia, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Cybersecurity Engineer
Diligent Consulting IncWashington, DC, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Forescout Cybersecurity Engineer
Phase2 TechnologyWashington, DC, United Statesserp_jobs.job_card.full_time +1
- serp_jobs.job_card.promoted
Senior Cybersecurity Specialist
VirtualVocationsWashington, District of Columbia, United Statesserp_jobs.job_card.full_time