Mid-Level Cybersecurity Engineer
Full Time • Fully Remote - US
Benefits:
- Vision insurance
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
Job title: Cybersecurity Engineer
Level: Mid-Level
Location / Work type: Remote/Full-Time
Clearance: Must be able to get a Public Trust
About the Company:
Imagineeer is leading the charge in data transformation, impacting sectors from healthcare to government operations, green energy, supply chain, and sports. Leveraging cutting-edge technologies like AI, post-quantum security, and blockchain, we empower decision-makers and fortify data security. We specialize in federal agency modernization; we collaborate closely to transform operational ecosystems, addressing unique challenges with acquisition support and stakeholder communication. Imagine Lab, our digital think tank, explores innovation through employee engagement and machine-generated insights. If you're passionate about reimagining operations and empowering organizations to evolve proactively, join us in shaping the future.
About this Role:
We are seeking a motivated Mid-Level Assessment & Authorization (A&A) Cybersecurity Engineer to support the security compliance and authorization processes for our federal government clients. This role offers an excellent opportunity for a cybersecurity professional with a solid foundation in NIST Risk Management Framework (RMF) and FISMA to grow into a senior-level role.
The ideal candidate will have hands-on experience in supporting cybersecurity compliance activities and a strong desire to advance their career in federal cybersecurity.
Key Responsibilities:
- Assist in the development and maintenance of security authorization packages
- Support the execution of security control assessments (SCA) and prepare associated documentation
- Help develop and maintain System Security Plans (SSPs)
- Track and manage Plans of Action and Milestones (POA&M) to ensure timely remediation of findings
- Participate in security impact analyses for system changes and updates
- Support the implementation of security controls and assist with technical remediation efforts
- Assist in conducting vulnerability assessments and documenting results
- Maintain and update authorization documentation to support ATO (Authorization to Operate) and reauthorization efforts
- Support continuous monitoring (ConMon) activities to ensure ongoing compliance
- Collaborate closely with system owners, security teams, and stakeholders to support cybersecurity requirements
- Assist in the development of security policies, procedures, and standard operating procedures (SOPs)
- Contribute to the preparation of Security Assessment Reports (SARs) and other compliance artifacts
- Participate in security working groups, meetings, and briefings as needed
Qualifications and Skills:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field
- 4+ years of cybersecurity experience, with a focus on Assessment & Authorization (A&A) processes
- 2+ years of direct experience working with NIST RMF and FISMA compliance requirements
- Active Security+ certification (or equivalent such as SSCP, GSEC)
- Ability to obtain and maintain a Public Trust clearance
- Strong knowledge of the NIST Risk Management Framework (RMF) and FISMA requirements
- Familiarity with NIST 800-53 and related security control catalogs
- Understanding of security control assessments and the A&A process lifecycle
- Ability to develop, maintain, and review security documentation including SSPs, POA&Ms, and SARs
- Familiarity with security assessment and compliance tools (e.g., eMASS, Xacta, Archer)
- Knowledge of common security tools and technologies (e.g., vulnerability scanners like Nessus, Qualys)
- Basic skills in risk assessment and security analysis
- Strong technical writing and documentation skills
- Excellent attention to detail and commitment to producing high-quality work
- Good communication skills, both verbal and written
- Ability to work both independently and as part of a team in a collaborative environment
Desired Skills and Competencies:
- Additional certifications such as CASP+, CISSP (Associate), CAP, CEH
- Experience supporting classified systems or sensitive federal systems
- Knowledge of Cloud Security principles and familiarity with FedRAMP compliance
- Exposure to DevSecOps concepts, automated compliance, and security pipelines
- Familiarity with the Cybersecurity Maturity Model Certification (CMMC) framework
- Experience with continuous monitoring tools and techniques
- Basic understanding of security architecture principles
- Awareness of privacy requirements and associated controls
- Experience with documentation management systems (e.g., SharePoint, Confluence)
- Familiarity with agile development methodologies
- Prior experience working in or supporting federal government contracts
- Understanding of security testing methodologies, vulnerability scanning, and mitigation processes
Additional Information:
This is a remote position, with periodic virtual collaboration required.
Must be a U.S. Citizen capable of obtaining a Public Trust clearance.
This is a remote position.
Compensation: $110,000.00 - $120,000.00 per year
About Us
Our Approach
We firmly believe in the uniqueness of every business, necessitating a personalized approach to transformation. This conviction drives us to invest time in comprehending an organization's historical challenges and operational framework. Our commitment is to foster innovation by adopting a tailored strategy that optimizes the utilization of an organization's human resources and data assets. With a wealth of experience, we specialize in guiding organizations through the implementation of post-quantum security, protocols for autonomy, and artificial intelligence.
We are committed to working with clients to positively disrupt, modernize, and transform their organizations and business processes. Noteworthy achievements include initiatives aimed at enhancing human resilience in the food supply chain, leveraging autonomy for streamlined operations, establishing root-of-trust capabilities for high-quality, trusted data, and designing ecosystems and tools for securing and transferring digital value through digital wallets. . Our proficiency extends to using artificial intelligence and data to fortify security and enhance visibility in data assets, aiding in the management of health issues at local, state, and national levels. We've developed a modern security posture to effectively mitigate risks associated with cyber attacks from nation-states. Our wealth of experience is underpinned by collaborative work with diverse multidisciplinary teams, thriving in highly complex and rapidly changing environments.
Our Mission
Imagineeer's mission is to empower transformation through the operationalization of intuition. We establish an innovation pipeline, reimagining operations by delving into data analysis to optimize outcomes for our valued customers.
Collaborating closely with our clients, we strive to actualize the inherent genius embedded within their organizational structure. Our efforts focus on the transformation of organizations, emphasizing the development of foundational strengths in key areas, including data, personnel, hypothesis development, and the cultivation of a learning-from-failure mindset.
(if you already have a resume on Indeed)